Debian: DSA-4400-1: openssl1.0 security update
Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL. For the stable distribution (stretch), this problem has been fixed in
Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL. For the stable distribution (stretch), this problem has been fixed in
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Multiple out-of-bounds memory accesses were found in the xmlrpc, mbstring and phar extensions and the dns_get_record() function.
Joey Hess discovered that the aggregate plugin of the Ikiwiki wiki compiler was susceptible to server-side request forgery, resulting in information disclosure or denial of service.
Garming Sam reported an out-of-bounds read in the ldb_wildcard_compare() function of ldb, a LDAP-like embedded database, resulting in denial of service.
Update to 1.0.7 Fixes related to CVE-2019-5736.
Strengthening connections with our users is a huge part of the work that we do on the Community Team here at cPanel, and conferences like JoomlaDay Florida are perfect for that. Even on years that it sells out (like this one), it’s only around 150 of our best friends with great chances to interact, and still intimate enough that we get a chance to really talk to some of the best folks there. I …
Several security issues were fixed in GD.
In the February 2019 survey we received responses from 1,477,803,927 sites, 229,586,773 unique domains, and 8,366,753 web-facing computers. This reflects a loss of 40.4 million sites, and gains of 979k domains, and 157k web-facing computers. Microsoft experienced the largest gain in domains this month, with a net increase of just over one million. Despite several […]
The post All You Need to Know about the New WordPress Toolkit 3.5 [ VIDEO ] appeared first on Plesk.
NSS could be made to crash if it received specially crafted network traffic.
NSS could be made to crash if it received specially crafted network traffic.
OpenSSL could be made to expose sensitive information over the network.
A regression was introduced in the previous chromium security update. The browser would always crash when launched in headless mode. This update fixes this problem.
Security fix for CVE-2018-16741,CVE-2018-16744,CVE-2018-16745
Security fix for CVE-2018-16741,CVE-2018-16744,CVE-2018-16745
Firefox could be made to crash or run programs as your login if itopened a malicious website.
Several security issues were fixed in Thunderbird.
Many hosting providers have a large customer base with varying needs for their online projects. Available for systems running EasyApache 4, the MultiPHP Manager interface allows you to easily manage the PHP and PHP-FPM configurations of your cPanel accounts and domains. Hosting providers can switch between a number of different PHP versions with the click of a button, or allow more advanced users to upgrade to a newer version of PHP more quickly than others. There are …
GNOME Keyring could be made to expose sensitive information.
USN-3866-2 introduced a regression in Ghostscript.
LDB could be made to crash if it received specially crafted network traffic.
The post Are You Making Any of These 10 Website Launch Mistakes? appeared first on Plesk.
This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files.
Several security issues were fixed in Bind.
Rebase to Koji 1.16.2 for CVE-2018-1002161
Update to Pagure 5.3, which includes the fix for CVE-2019-7628.
After many months of development by a dedicated team of programmers and beta testers, the new LinuxSecurity is almost ready! Please bear with us while we work to bring back the RSS feeds.
Fixes CVE-2019-3813
The restrictions introduced in the security fix to address CVE-2019-1000018 also disallowed the -pf and -pt options which are used by the scp support in libssh2. This update restores support for those.
Several security issues were fixed in Bind.
58 queries. 8.75 mb Memory usage. 1.468 seconds.