Update to 2.53.2 If you have Lightning and/or Chatzilla extensions previously disabled, they are enabled after the update. Disable it again if needed (in about:addons), or remove completely (which can improve startup time).
Archive for May, 2020
Update to OpenJDK 8u252 (April Critical Patch Update) – JDK-8223898, CVE-2020-2754: Forward references to Nashorn – JDK-8223904, CVE-2020-2755: Improve Nashorn matching – JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs – JDK-8224549, CVE-2020-2757: Less Blocking Array Queues – JDK-8225603: Enhancement for big integers – JDK-8227542: Manifest improved jar headers –
USN-4353-1 caused a regression in Firefox.
PulseAudio could allow unintended access to snap packages.
An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input.
update to 4.11.4 —- multiple xenoprof issues [XSA-313, CVE-2020-11740, CVE-2020-11741] (#1823912, #1823914) Missing memory barriers in read-write unlock paths [XSA-314, CVE-2020-11739] (#1823784) Bad error path in GNTTABOP_map_grant [XSA-316, CVE-2020-11743] (#1823926) Bad continuation handling in GNTTABOP_copy [XSA-318, CVE-2020-11742] (#1823943)
**MySQL 8.0.20** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-20.html CVEs fixed: CVE-2020-2759 CVE-2020-2761 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2770 CVE-2020-2774 CVE-2020-2779 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2853 CVE-2020-2892 CVE-2020-2893
**MySQL 8.0.20** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-20.html CVEs fixed: CVE-2020-2759 CVE-2020-2761 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2770 CVE-2020-2774 CVE-2020-2779 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2853 CVE-2020-2892 CVE-2020-2893
Are you ready, kids? I said, are you ready? Whoooooo has another update for you to see? Google Chromium! For browsing and tweeting (but not FTP) Google Chromium! If improved security be something you wish Google Chromium! Then run dnf while you flop like a fish! Google Chromium! Google Chromium! Google Chromium! Google Chromium! Ahem. Sorry*. This update fixes the following
**MySQL 8.0.20** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-20.html CVEs fixed: CVE-2020-2759 CVE-2020-2761 CVE-2020-2762 CVE-2020-2763 CVE-2020-2765 CVE-2020-2770 CVE-2020-2774 CVE-2020-2779 CVE-2020-2780 CVE-2020-2804 CVE-2020-2812 CVE-2020-2814 CVE-2020-2853 CVE-2020-2892 CVE-2020-2893
– Release 0.24.1
**Version 1.4.4** This is a **service and security update** to the stable version 1.4 of Roundcube Webmail. It contains four fixes for recently reported security vulnerabilities as well a number of general improvements from our issue tracker. – Fix bug where attachments with Content-Id were attached to the message on reply (#7122) – Fix identity selection on reply when both sender and
– Release 0.24.1
Multiple security issues were discovered in the Squid proxy caching server, which could result in the bypass of security filters, information disclosure, the execution of arbitrary code or denial of service.
Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code.
https://lists.gnupg.org/pipermail/gnutls-help/2020-March/004642.html
If we have learned one thing from the 2020 COVID-19 situation, access to online resources and training is vital to keep businesses going. Online education has exploded due to school closures, and the learn-from-home approach has become the current standard. The hosting industry has also thrived in this arena, for example, Alibaba Cloud deployed more than 100,000 new cloud servers in two hours and set a new record for rapid capacity expansion. At cPanel, our work is a hybrid …
The update for salt for the oldstable distribution (stretch) released as DSA 4676-1 contained an incomplete fix to address CVE-2020-11651 and CVE-2020-11652. Updated salt packages are now available to correct this issue. For reference, the original advisory text follows.
The following vulnerability has been discovered in the webkit2gtk web engine: CVE-2020-3885
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Tips for Creating an Effective Landing Page
The post Tips for Creating an Effective Landing Page appeared first on Plesk.
Update to 2.53.2 If you have Lightning and/or Chatzilla extensions previously disabled, they are enabled after the update. Disable it again if needed (in about:addons), or remove completely (which can improve startup time).
A vulnerability was found in the EC2 credentials API of Keystone, the OpenStack identity service: Any user authenticated within a limited scope (trust/oauth/application credential) could create an EC2 credential with an escalated permission, such as obtaining “admin” while
Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling, code execution in the AJP connector (disabled by default in Debian) or a man-in-the-middle attack against the JMX interface.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.
Whether you want to sell your idea to your leadership or want a more solidified project proposal backed by proof, we are going to equip you with the tools you need to improve your success. We’ll walk you through step by step what to do before you plan your proposal. You want to find the best way to devise a plan that will support your idea with hard data and approvals will be a breeze. …
OpenLDAP could be made to crash if it received specially crafted network traffic.
OpenLDAP could be made to crash if it received specially crafted network traffic.