Ubuntu 3910-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
– Allow to install cri-o as alternative to docker – Allow to install moby-engine as alternative to docker —- Update to v1.12.5 (Verify backend upgraded connection)
WordPress now powers over 1/3rd of the top 10 million sites on the web according to W3Techs. Our market share has been growing steadily over the last few years, going from 29.9% just one year ago to 33.4% now. We are, of course, quite proud of these numbers! The path here has been very exciting. […]
The post Why We Took Plesk to the Nordics #WCNordic appeared first on Plesk.
Backport security fixes: CVE-2019-7310, CVE-2018-20662
libvirt could be made to crash under certain conditions.
cPanel & WHM Version 80 will not support MySQL 5.5, and updates to cPanel & WHM Version 80 will be blocked for any server still running MySQL 5.5. We are also blocking updates for any cPanel & WHM servers that connect to MySQL 5.5 servers running. The MySQL/MariaDB Upgrade interface inside WHM makes upgrading safe and easy. Why the block? On December 31st, 2018, MySQL version 5.5 entered End of Life status. Any server currently running MySQL …
The system could be made to run programs as an administrator.
We’re outlining how the new integration works between Plesk Premium Email, Dovecot, SpamAssassin and its Bayes algorithms. See how our customers benefit.
The post New Kolab Release 2: Plesk Premium Email Anti-spam Integration appeared first on Plesk.
Update to 1.0.0, which includes fixes for CVE-2018-1340
xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86: steal_page violates page_struct access discipline [XSA-287] x86: Inconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update
new upstream version, to fix CVE-2018-10936
new upstream version, to fix CVE-2018-10936
Update to 1.0.0, which includes fixes for CVE-2018-1340
Francis McBratney discovered that the Windows Azure Linux Agent created swap files with world-readable permissions, resulting in information disclosure.
The system could be made to run programs as an administrator.
Ross Geerlings discovered that the XMLTooling library didn’t correctly handle exceptions on malformed XML declarations, which could result in denial of service against the application using XMLTooling.
Several security issues were fixed in PHP.
WALinuxAgent could be made to expose sensitive information.
As a part of an ongoing initiative to improve user experience in our product, in cPanel & WHM Version 78 we introduced cPanel Analytics. This functionality is intentionally built with ease of use and privacy in mind. It provides us with deeper insight into how our customers utilize cPanel, WHM, and Webmail without compromising the privacy of those users. We tested the feature directly with a few customers on cPanel & WHM Version 74, made some adjustments in …
The JSON handler in com_config lacks input validation, leading to XSS vulnerability.
Joomla! CMS versions 3.2.0 through 3.9.3
Upgrade to version 3.9.4
The JSST at the Joomla! Security Centre.
The item_title layout in edit views lacks escaping, leading to a XSS vulnerability.
Joomla! CMS versions 3.2.0 through 3.9.3
Upgrade to version 3.9.4
The JSST at the Joomla! Security Centre.
The media form field lacks escaping, leading to a XSS vulnerability.
Joomla! CMS versions 3.2.0 through 3.9.3
Upgrade to version 3.9.4
The JSST at the Joomla! Security Centre.
The sample data plugins lack ACL checks, allowing unauthorized access.
Joomla! CMS versions 3.8.0 through 3.9.3
Upgrade to version 3.9.4
The JSST at the Joomla! Security Centre.
Joomla 3.9.4 is now available. This is a security fix release for the 3.x series of Joomla which addresses 4 security vulnerabilities and contains 28 bug fixes and improvements.
LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file.
An extremely convincing phishing attack that impersonates a multi-game skin trade bot appears to be using a fake Extended Validation TLS certificate to steal Steam accounts. The ongoing phishing attack impersonates TradeIt.gg, which facilitates the trading of skins, weapons and other in-game commodities within popular games like CS:GO, TF2 and DOTA. When a victim attempts […]
Kolab now integrates with Seafile, a cloud storage system. Find out what benefits this brings Plesk Premium Email customers.
The post New Kolab Releases (1): The Seafile Extension appeared first on Plesk.
WordPress 5.1.1 is now available! This security and maintenance release introduces 10 fixes and enhancements, including changes designed to help hosts prepare users for the minimum PHP version bump coming in 5.2. This release also includes a pair of security fixes that handle how comments are filtered and then stored in the database. With a maliciously […]
poppler could be made to crash if it opened a specially craftedfile.
58 queries. 8.75 mb Memory usage. 0.632 seconds.