An update for ipmitool is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Archive for March, 2020
An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Security and performance fixes.
**PHP version 7.3.16** (19 Mar 2020)

**Core:**
* Fixed bug php#63206 (restore_error_handler does not restore previous errors mask). (Mark Plomer)

**DOM:**
* Fixed bug php#77569: (Write Access Violation in DomImplementation). (Nikita, cmb)
* Fixed bug php#79271 (DOMDocumentType::$childNodes is NULL). (cmb)

**Enchant:**
* Fixed bug php#79311 (enchant_dict_suggest() fails on big
An update for ipmitool is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for zsh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for openshift-enterprise-mediawiki-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for openshift-istio-kiali-rhel7-operator-container is now available for Openshift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Andre Bargull discovered an integer overflow in the International Components for Unicode (ICU) library which could result in denial of service and potentially the execution of arbitrary code.
**PHP version 7.4.4** (19 Mar 2020)

**Core:**
* Fixed bug php#79329 (get_headers() silently truncates after a null byte) (**CVE-2020-7066**) (cmb)
* Fixed bug php#79244 (php crashes during parsing INI file). (Laruence)
* Fixed bug php#63206 (restore_error_handler does not restore previous errors mask). (Mark Plomer)

**CURL:**
* Fixed bug php#79019 (Copied cURL handles upload
WordPress 5.4 RC4
The fourth release candidate for WordPress 5.4 is live! WordPress 5.4 is currently scheduled to land on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! You can test the WordPress 5.4 release candidate in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) […]
Update to WebKitGTK 2.28.0.
* Add API to enable Process Swap on (Cross-site) Navigation.
* Add user messages API for the communication with the web extension.
* Add support for same-site cookies.
* Service workers are enabled by default.
* Add support for Pointer Lock API.
* Add flatpak sandbox support.
* Make ondemand hardware acceleration policy never leave accelerated compositing
First, we want to assure you that we are here to support you and your business during this time of uncertainty. We are implementing our tested plans to keep operations up and running, and our goal remains to continue with uninterrupted operations and service to our Partners and customers. Adjusting to the current COVID-19 situation has been a task that everyone across the world has had to deal with. cPanel has been no different, and we …
IBus could allow local users to capture keystrokes of other locally logged-in users.
Update Fedora 32 to the final release version of 8u242 (https://bitly.com/oj8u242), bringing in the last security updates, in line with packages already in Fedora 30 & 31. This also resolves RHBZ#1813550, which was seen with the previous attempt at this update.
An update for openshift-enterprise-template-service-broker-operator-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact
An update for openshift-enterprise-builder-container, openshift-enterprise-cli-container, and ose-cli-artifacts-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact
Security fix for CVE-2020-9359
Update to 80.0.3987.149. Upstream says it fixes “13” security issues, but only lists these CVEs:
* CVE-2020-6422: Use after free in WebGL
* CVE-2020-6424: Use after free in media
* CVE-2020-6425: Insufficient policy enforcement in extensions.
* CVE-2020-6426: Inappropriate implementation in V8
* CVE-2020-6427: Use after free in audio
* CVE-2020-6428: Use after free in audio
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Several security issues were fixed in Vim.
COVID-19 Announcement: Taking Responsible Action
The post COVID-19 Announcement: Taking Responsible Action appeared first on Plesk.
Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-20503
A denial of service vulnerability (by triggering high CPU consumption) was found in Tor, a connection-based low-latency anonymous communication system.
It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when strip=False and ‘math’ or ‘svg’ tags and one or more of the RCDATA tags were whitelisted.
In the March 2020 survey we received responses from 1,263,025,546 sites across 257,194,796 unique domains and 9,659,223 web-facing computers. This reflects a gain of 94,300 computers, 2.12 million sites and 3.00 million domains.
Microsoft and nginx both saw increases in the total number of domains in March 2020, with nginx gaining 4.84 million domains (+7.2%) and increasing its market share by 1.6 percentage points to 28.1%. Microsoft gained 215,000 domains, though this was not substantial enough to avoid losing market share to nginx.
nginx’s sharp increase saw it overtake Apache in terms of domain market share for the first time, with a marginal lead of 136,000 domains. However Apache continues to lead nginx by a considerable amount in terms of active sites—despite losing 225,000 active sites this month, Apache maintains an 8.21 percentage point lead in market share over nginx. Apache also leads in terms of web-facing computers, though with only 3.17 percentage points separating them from nginx.
Several server vendors which hold a lower market share saw mixed results this month. Google lost 115,000 domains but gained 510,000 active sites, while Oracle lost 27,800 domains and 22,200 active sites. Both hold less than one percent of domain market share, with Google claiming 0.87% (-0.06 percentage points), and Oracle holding 0.22% (-0.01 percentage points).
After having gained almost 2 million domains every month since December, Cloudflare’s rapid growth slowed this month with a gain of only 714,929 domains. Cloudflare power their content delivery network with their own server software, originally based on nginx, which accounted for 9.31% of observed domains.
Vendor News
NGINX released several new versions of its products this month. The nginx web server was updated to 1.17.9 with several small changes and bug fixes, one of which is related to HTTP/2 support. The company’s dynamic application server NGINX Unit was updated to 1.16.0, adding functionality which allows more configurable round-robin load balancing.
LiteSpeed Technologies released version 5.4.6 of their LiteSpeed Web Server. This release adds support for the latest draft specification of HTTP/3, which itself was published in mid-February. The release also hardens the server’s default TLS configuration by disabling support for TLS 1.1 unless enabled by the user.
Apache also released versions 8.5.53, 9.0.33, and 10.0.0-M3 of Apache Tomcat, which include several small feature updates and bug fixes.


| Developer | February 2020 | Percent | March 2020 | Percent | Change |
|---|---|---|---|---|---|
| nginx | 459,966,569 | 36.48% | 473,308,955 | 37.47% | 1.00 |
| Apache | 309,061,300 | 24.51% | 306,114,673 | 24.24% | -0.27 |
| Microsoft | 179,225,073 | 14.21% | 170,567,386 | 13.50% | -0.71 |
| | 40,120,733 | 3.18% | 41,227,959 | 3.26% | 0.08 |
Update to 80.0.3987.132. Lots of security fixes here. VAAPI re-enabled by default except on NVIDIA. List of CVEs fixed (since last update): * CVE-2019-20446 * CVE-2020-6381 * CVE-2020-6382 * CVE-2020-6383 * CVE-2020-6384 * CVE-2020-6385 * CVE-2020-6386 * CVE-2020-6387 * CVE-2020-6388 * CVE-2020-6389 * CVE-2020-6390 * CVE-2020-6391 * CVE-2020-6392 *