New upstream release Fixes Debug file descriptor leak CVE-2019-1221 Fixes insecure debug file handling CVE-2019-1220
Security fix for CVE-2019-9959.
Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.
An update for ghostscript is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Ghostscript could be made to access files if it opened a specially crafted file.
poppler could be made to crash if it received specially crafted PDF.
The post Progressive Web Apps – The Future of The Web? appeared first on Plesk.
Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection,
59 queries. 8.75 mb Memory usage. 0.856 seconds.