Update to Samba 4.11.3 – Security fixes for CVE-2019-14861, CVE-2019-14870 —- Restart winbindd on samba-winbind package upgrade
Red Hat OpenShift Service Mesh 1.0.3. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
RabbitMQ could be made to execute arbitrary code if it received a specially crafted input.
Several security issues were fixed in Samba.
The post The WordPress Toolkit 4.4 Update appeared first on Plesk.
An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for openshift-external-storage is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for openshift-enterprise-builder-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for ose-cluster-kube-controller-manager-operator-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for csi-provisioner-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Fix intermittent SEC_ERROR_UNKNOWN_ISSUER (#1752303, #1648617) —- Updates the nss package to upstream NSS 3.47.1. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes – https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.47.1_release_notes
Applications using libpcap could be made to crash if given specially crafted data.
USN-4202-1 caused a regression in Thunderbird.
Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348
Several security issues were fixed in Git.
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
libssh could be made to run programs under certain conditions.
In the December 2019 survey we received responses from 1,268,289,402 sites across 243,753,534 unique domain names and 9,430,985 web-facing computers. This reflects a loss of 40.1 million sites, but a gain of 19,200 domains and 156,000 computers.
nginx gained the largest number of sites (+41.2 million), while Apache lost 50.1 million and Microsoft lost 17.5 million; but in terms of unique domains, all major vendors suffered losses. Microsoft lost the most domains (-2.67 million), followed by Apache (-572,000); and, despite gaining so many sites, nginx lost 422,000 domains.
nginx has continued its strong and steady growth in web-facing computers, this month gaining 58,500 computers compared with Apache’s gain of 42,900. nginx is edging ever-closer to Apache’s leading market share, which fell by 0.13 percentage points to 35.3%, leaving it only 3.4 points ahead of nginx.
If current trends continue, nginx looks set to overtake Apache at some point in late 2020, which would make it the largest vendor in terms of web-facing computers. nginx has already been in the lead by sites since April 2019, and is also closing in on domains, but is still some way behind Apache in active sites and the top million sites.
OpenLiteSpeed 1.6.4 was released on 18 November.
This is the open source version of the LiteSpeed web server, which was first to ship HTTP/3 support
in July, and boldly claims to outperform nginx when handling HTTP/3 traffic. More than 20 million sites across 3.9 million domains are running either LiteSpeed or OpenLiteSpeed – both variants exhibit the same “LiteSpeed” server header.
QUIC and HTTP/3 have been supported by Cloudflare’s partly nginx-based edge network since September; and in October, Cloudflare released a patch that
allows its savoury implementation of these protocols (quiche) to be integrated into the upstream nginx codebase. LiteSpeed’s HTTP/3 benchmarks were carried out against this patch.
On 19 November, Microsoft announced the availability of Microsoft Azure from its new cloud
datacenter regions in Norway. Norway’s largest financial services group, DNB Group, has already chosen the new region to migrate services into the cloud in accordance with Norwegian data handling regulations.
Finally, NGINX Plus Release 20 (R20) was released on 3 December. Based on the open source nginx web server, NGINX Plus is a commercial offering, and R20 includes real-time monitoring and logging of rate-limited traffic, enhancements to
connection limiting, and some security improvements for HTTP/2.
| Developer | November 2019 | Percent | December 2019 | Percent | Change |
|---|---|---|---|---|---|
| nginx | 437,886,327 | 33.47% | 479,072,656 | 37.77% | 4.30 |
| Apache | 359,048,240 | 27.44% | 308,978,570 | 24.36% | -3.08 |
| Microsoft | 202,633,184 | 15.49% | 185,084,122 | 14.59% | -0.89 |
| 36,196,549 | 2.77% | 37,290,465 | 2.94% | 0.17 |
GNU C could be made to execute arbitrary code or cause a crash if it received a specially crafted input.
Several security issues were fixed in Samba.
The post Win a Plesk Package by Playing our Plesk ‘Search’ Quiz appeared first on Plesk.
An update for httpd24, httpd24-httpd, and httpd24-nghttp2 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Apply upstream fix for CVE-2019-17064.
Update to Node.js upstream release 12.13.1 https://nodejs.org/en/blog/release/v12.13.1/ Also fixes an issue where running `npm -g` was risky on RPM-installed systems. Fedora’s packaged NPM will now install global content in /usr/local instead of /usr where it could conflict with RPM-provided versions.
Apply upstream fix for CVE-2019-17064.
**Added:** * amqp_ssl_socket_get_context can be used to get the current OpenSSL CTX* associated with a connection. **Changed:** * openssl: missing OpenSSL config is ignored as an OpenSSL init error (#523) * AMQP_DEFAULT_MAX_CHANNELS is now set to 2047 to follow current default channel limit in the RabbitMQ broker. (#513) **Fixed:** * add additional input
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
A security update is now available for Open Liberty 19.0.0.12 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
58 queries. 9 mb Memory usage. 1.312 seconds.