(Dec 30) **Archive_Tar version 1.4.4** * Fix Bug #21058: Long symlinks are not supported [mrook] * Fix Bug #23782: Prevent phar:// files from being extracted [mrook] — **PEAR** * drop deprecated option used when running `pear run-tests`
Archive for January 1st, 2019
(Dec 26) Resiliency is an important factor to consider when evaluating an email security solution, yet this characteristic often goes overlooked. …
(Dec 27) The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow non- whitelisted attributes to be used on a whitelisted HTML element.
(Dec 31) Updated to 3.3.4. Security fix by upstream: Anti-Phishing protection.. Server-provided text will not appear in user-facing GUI windows anymore. Server error messages are instead parsed and mapped to predefined strings.