WordPress is the most commonly used CMS (Content Management Software) on the internet, with a market share of 59.5% of websites built on the internet. There are numerous ways to get a WordPress blog up and running for the public to see. One of the more popular ways to publish a blog is WordPress’ official site, WordPress.com. This site offers its users the opportunity to build and maintain a free WordPress blog. There are downsides to a …
Archive for January, 2019
Netcraft’s new anti-phishing app, already available in the Google Play store, has just been released to the Amazon Appstore. The iOS app is with Apple for review. Android web browsers lack comprehensive protection against malicious websites, and in most cases only block a small fraction of the sites blocked by their desktop counterparts. The Netcraft […]
(Jan 31) – Resolves: #1666565, #1667625 – CVE-2018-20699 – Resolves: #1663068, #1667626 – umount all procfs and sysfs with --no-pivot – built docker @projectatomic/docker-1.13.1 commit 1185cfd – built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43
(Jan 30) The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the scp support could result in the bypass of this restriction, allowing the
(Jan 30) Fariskhi Vidyan discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code.
(Jan 31) Multiple CVE fixes.
(Jan 30) Firefox could be made to crash or run programs as your login if it opened a malicious website.
(Jan 30) Java applets or applications could be made to expose sensitive information.
(Jan 30) An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Jan 30) An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
WordPress 5.1 Beta 3
WordPress 5.1 Beta 3 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. There are two ways to test the WordPress 5.1 beta: try the WordPress Beta Tester plugin (you’ll want to select the “bleeding […]
(Jan 30) Security fix for CVE-2019-6706.
(Jan 29) Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code.
(Jan 30) Update to mingw-qt5-*-5.11.3, see http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ for details. Update to mingw-sip-4.19.13, see https://www.riverbankcomputing.com/static/Downloads/sip/ChangeLog for details.
(Jan 29) Several security issues were fixed in the Linux kernel.
(Jan 29) Several security issues were fixed in the Linux kernel.
(Jan 29) An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Jan 29) An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
My Plesk User Experience (2): Lessons learned from testing Plesk Onyx
The post My Plesk User Experience (1): Easy Starts and Common Issues appeared first on Plesk.
(Jan 28) Several issues were discovered in qtbase-opensource-src, a cross-platform C++ application framework, which could lead to denial-of-service via application crash. Additionally, this update fixes a problem affecting vlc, where it would start without a GUI.
(Jan 28) Multiple vulnerabilities were discovered in coTURN, a TURN and STUN server for VoIP. CVE-2018-4056
(Jan 28) Spice could be made to crash or run programs if it received specially crafted network traffic.
Netcraft has developed a new anti-phishing app for Android to defend against fraudulent sites. The Netcraft app is available now on Google Play, and should shortly be available on the Amazon Appstore. The Netcraft app for iOS is coming soon. Netcraft’s new Android app provides rapid protection against phishing threats, with new attacks blocked as […]
(Jan 26) Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed PostScript file is processed (despite the -dSAFER sandbox being enabled).
(Jan 22) An attacker could trick APT into installing altered packages.
(Jan 24) Security fix for CVE-2019-5010 in Python. Anaconda is included in this update because an unrelated fix made there allowed a workaround in Python to be removed.
(Jan 22) An attacker could trick APT into installing altered packages.
(Jan 23) Several security issues were fixed in NTP.
(Jan 22) An update is now available for Red Hat JBoss Web Server 3.1. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability