Fedora 30: mod_auth_mellon Security Update
Apr09
on April 9, 2019
at 11:46 pm
Posted In: Uncategorized
New upstream release 0.14.2 which also fixes CVE-2019-3878 and CVE-2019-3877
Comment
Archive for April 9th, 2019
15 results.
update to the bugfix release 3.9.0
update to the bugfix release 3.9.0
[20190401] – Core – Directory Traversal in com_media
Apr09
on April 9, 2019
at 3:00 pm
Posted In: Uncategorized
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 1.5.0 through 3.9.4
- Exploit type: Directory Traversal
- Reported Date: 2019-March-13
- Fixed Date: 2019-April-08
- CVE Number: CVE-2019-10945
Description
The Media Manager component does not properly sanitise the folder parameter, allowing attackers to act outside the media manager root directory.
Affected Installs
Joomla! CMS versions 1.5.0 through 3.9.4
Solution
Upgrade to version 3.9.5
Contact
The JSST at the Joomla! Security Centre.
Reported By: Haboob Research Team
[20190402] – Core – Helpsites refresh endpoint callable for unauthenticated users
Apr09
on April 9, 2019
at 3:00 pm
Posted In: Uncategorized
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: High
- Versions: 3.2.0 through 3.9.4
- Exploit type: ACL Violation
- Reported Date: 2019-March-13
- Fixed Date: 2019-April-08
- CVE Number: CVE-2019-10946
Description
The “refresh list of helpsites” endpoint of com_users lacks access checks, allowing calls from unauthenticated users.
Affected Installs
Joomla! CMS versions 3.2.0 through 3.9.4
Solution
Upgrade to version 3.9.5
Contact
The JSST at the Joomla! Security Centre.
Reported By: Benjamin Trenkle (JSST)
[20190403] – Core – Object.prototype pollution in JQuery $.extend
Apr09
on April 9, 2019
at 3:00 pm
Posted In: Uncategorized
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Moderate
- Versions: 3.0.0 through 3.9.4
- Exploit type: XSS
- Reported Date: 2019-March-25
- Fixed Date: 2019-April-09
- CVE Number: TBA
Description
The $.extend method of JQuery is vulnerable to Object.prototype pollution attacks.
Affected Installs
Joomla! CMS versions 3.0.0 through 3.9.4
Solution
Upgrade to version 3.9.5
Contact
The JSST at the Joomla! Security Centre.
Reported By: Michał Gołębiowski-Owczarek, David Jardin (JSST)
Joomla 3.9.5 is now available. This is a security fix release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 20 bug fixes and improvements.
Last year, we shared “7 Ways We’ve Improved Email Hosting on cPanel & WHM” and we looked at some cool features for email accounts. After much improvement, we felt that Plus Addressing was an interesting enough feature to include as a blog post! So what is plus addressing? Known officially as subaddressing, plus addressing delivers mail in a particular way so that you can better organize incoming mail. Additionally, plus addressing is used as a method to …
RedHat: RHSA-2019-0734:01 Important: katello-installer-base security and
Apr09
on April 9, 2019
at 1:28 pm
Posted In: Uncategorized
An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.2 for RHEL 6 and Red Hat Satellite 6.2 for RHEL 7. Red Hat Product Security has rated this update as having a security impact
RedHat: RHSA-2019-0733:01 Important: katello-installer-base security and
Apr09
on April 9, 2019
at 1:24 pm
Posted In: Uncategorized
An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.3 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2019-0735:01 Important: katello-installer-base security and
Apr09
on April 9, 2019
at 1:24 pm
Posted In: Uncategorized
An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2019-0717:01 Important: kernel security and bug fix update
Apr09
on April 9, 2019
at 9:36 am
Posted In: Uncategorized
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Several security issues were fixed in Wget.
Several security issues were fixed in Wget.
WordPress 5.2 Beta 2 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. There are two ways to test the WordPress 5.2 beta: try the WordPress Beta Tester plugin (you’ll want to […]