Ike.ninja

– New Firefox and NSS upstream update – More info at https://www.mozilla.org/en- US/firefox/75.0/releasenotes/

– New Firefox and NSS upstream update – More info at https://www.mozilla.org/en- US/firefox/75.0/releasenotes/

This update incorporates fixes from the upstream glibc 2.29 stable release branch, including 3 fixes for medium severity security vulnerabilities. (CVE-2020-10029, CVE-2020-1752, CVE-2020-1751)

– New Firefox and NSS upstream update – More info at https://www.mozilla.org/en- US/firefox/75.0/releasenotes/

libssh could be made to crash if it received specially crafted network traffic.

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For the oldstable distribution (stretch), these problems have been fixed

Several security issues were fixed in libiberty.

In the April 2020 survey we received responses from 1,246,121,153 sites across 260,089,947 unique domains and 9,669,267 web-facing computers. This reflects a gain of 10,000 computers and 2.90 million domains, but a loss of 16.9 million sites.

nginx and Microsoft lost the most sites this month — 13.4 million and 10.4 million each — but like all other major vendors, they both gained domains.

Since attaining the largest share of domains last month, nginx has extended its lead with net growth of 1.84 million domains and now has a 28.5% share of this market, compared with Apache’s 27.8%.

Although Apache gained the largest number of sites this month — more than 2 million — it lost 598,000 active sites and its presence amongst the top million websites decreased by 4,230 sites, which took its top-sites count down by 1.43%. Nonetheless, Apache still has the largest share of the top million sites for now (29.1% compared with nginx’s 25.5%), and also continues to lead in terms of active sites and web-facing computers.

Vendors respond to COVID-19

As the coronavirus pandemic continues to affect many people’s lives in an unprecedented fashion, some web server vendors have offered to help in a variety of direct and indirect ways.

Microsoft has made an initial $1 billion donation to Puget Sound’s COVID-19 Response Fund; published a map that tracks active, recovered and fatal cases; and has offered its Healthcare Bot service powered by Microsoft Azure to help frontline organisations screen patients for potential infection and care.

NGINX and F5 are offering free resources for websites impacted by the crisis. This includes free access to its core training for NGINX Open Source; providing additional help and one free year of NGINX Plus to the education, public government and non-profit sectors; and encouraging its employees to respond to NGINX related matters on Stack Overflow and Twitter.

Google has made its COVID-19 datasets free to access and query. Researchers can also use Google’s BigQuery ML language to create and execute machine learning models for free. Google’s COVID-19 public dataset program is to remain in effect until 15 September.

Google has already had a number of measures in place to ensure that its systems stay up and running during the coronavirus crisis. For more than ten years it has carried out regular disaster recovery testing to identify and address potential problems before they happen, and its engineers operate from multiple locations. With some businesses experiencing increased online sales while consumers stay at home, Google has also activated its enhanced support structure which was developed for peak demand situations like Black Friday.

Last month, Google announced availability of Game Servers beta, which is a managed service offering the Kubernetes-based, open source Agones game server hosting project cofounded by Google and Ubisoft. Agones automatically scales Kubernetes to meet unpredictable player demand, and so its launch is conveniently timed to help cope with the increased amount of online multiplayer gaming taking place while many people are either self-isolating or on lockdown during the global coronavirus crisis.

Online gaming is helping some companies to weather the pandemic, such as Chinese technology group Tencent, which expects revenues from its games business to hold up better than that of its main rival, Alibaba, whose Taobao Tengine web server currently powers 13.7 million websites. Alibaba’s co-founder, Jack Ma, has donated coronavirus test kits and masks to Europe and the US despite the effect the pandemic has had on its Tmall and Taobao retail businesses.

Cloudflare has made its Cloudflare for Teams service free for small businesses during the outbreak, helping employees to work from home securely and effectively.

Finally, Netcraft has been protecting consumers and businesses from the despicable — yet inevitable — influx of
coronavirus-themed cybercrime,
which has recently scaled up a notch.
The types of fraudulent activity that are purposely exploiting the pandemic include tax refund scams and other phishing attacks
that have been modified to make use of coronavirus-themed emails, as well as smishing, password-stealing malware, advance fee scams,
and masses of fake online stores purportedly selling COVID-19 vaccines, cures and related protective equipment.

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

In the April edition of our “People of WordPress” series, you’ll find out how Mario Peshev went from self-taught developer to teaching basic digital literacy.

Several security issues were fixed in the Linux kernel.

Red Hat OpenShift Container Platform release 3.11.200 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score,

GnuTLS could expose sensitive information over the network.

An update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

The 5.5.15 stable kernel update contains a number of important fixes across the tree.