Fedora 32: php-PHPMailer 2020-06e87e71fe
Fix CVE-2020-13625 vulnerability.
This release fixes security issue CVE-2020-13999.
This update fixes multiple vulnerabilities in ImageMagick: various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed.
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Online shopping has surged since lockdown started in March. Many of us, looking to be healthier, have headed online for sports equipment and a number of sportswear retailers have reported booming online sales. John Lewis recorded a 72% increase in total sports shoe sales, while Adidas and Puma have both seen an increase in ecommerce revenue.
Shoppers browsing online for the best deals, however, need to take care, as many people would be surprised at the scale of fake shops. Each day we find new fake shops designed to entice shoppers away from bona fide outlets, as many brands have yet to find effective countermeasures.
Counterfeit shoes, clothing and other accessories are estimated to lose the industry more than €26 billion each year in the EU alone, while the loss due to all online counterfeiting is estimated at $323 billion a year. The OECD estimated that over 3% of all imports worldwide are counterfeit.
Traditionally fake shops claim to sell luxury consumer goods at highly discounted prices. We have seen fake shops using at least three different models:
We are currently blocking around 75,000 fake shops in our extension and apps. Of these, roughly half target a specific brand, such as Nike or Adidas. About 70% of the fake shops selling branded goods sell shoes, predominantly trainers.
Corroborating this, European customs authorities handle more cases of counterfeit sports shoes than any other type of product.
Several vulnerabilities were discovered in coturn, a TURN and STUN server for VoIP. CVE-2020-4067
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input.
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Special Register Buffer speculative side channel [XSA-320]
A vulnerability was discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service via malformed HTTP/2 headers.
– avoid overwriting a local file with -J (CVE-2020-8177)
– fix partial password leak over DNS on HTTP redirect (CVE-2020-8169)
The future of brick and mortar shops has been changing into a hybrid of traditional and digital, and the current health crisis is fast-tracking the digital experience. As the stay-home orders came in, and only essential business could remain open with some others slowly opening with restrictions, the e-commerce industry and digital brands went into overdrive. Brick-and-Mortar retailers traditionally offer products and services to their customers face-to-face in a storefront that gives them a unique advantage over …
Security fix for CVE-2020-0548, CVE-2020-0549, CVE-2020-0543
– New upstream release
– Actually reload the DFU device after upgrade has completed
– Capture the dock SKU in report metadata
– Correctly set the Logitech device protocol
– Do not use shim for non-secure boot configurations
– Ensure that the DeviceID is set for child devices
– Fix an error when detaching MSP430
– Fix the DeviceID set by GetDetails
– Force the prometheus minor version from
Update to latest upstream version.
This release fixes a number of issues found in the 4.1 branch.
Security fix for CVE-2020-13790
https://gitlab.com/sane-project/backends/-/releases
Although Apache and NGINX are both web servers, they approach the task of serving web pages differently. Each has advantages and trade-offs, which prompts the question: can I use NGINX with cPanel? The short answer is yes, you can use NGINX with cPanel; however, its integration is a little tricky. Let’s explore the ways cPanel users can take advantage of NGINX’s strengths, and look at how we are working to make NGINX a viable alternative …
Several security issues were fixed in the NVIDIA graphics driver kernel modules.
Several security issues were fixed in NVIDIA graphics drivers.
An update for nghttp2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Red Hat AMQ Broker 7.7 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
In the June 2020 survey we received responses from 1,224,760,416 sites across 262,406,750 unique domains and 10,042,047 web-facing computers. This reflects a gain of 1.21 million domains and 149,000 computers, but a loss of 13.3 million sites.
Microsoft lost the largest number of sites – more than 20 million – taking its total down by 13% to 135 million. This has decreased its market share by 1.51 percentage points to 11.0%. Apache also suffered a sizable loss of 10.7 million sites, decreasing its total to 304 million and taking its share down by 0.60 points to 24.8%.
nginx continues to lead with a total of 449 million sites, an increase of 2.95 million since last month. Coupled with the other major vendors’ losses, this has increased nginx’s market share by 0.63 points to 36.6%.
nginx also showed the largest computer growth, with 115,000 more computers taking its total up to 3.35 million and putting it only 76,000 computers away from Apache’s leading total.
While nginx looks set to soon become the largest vendor in terms of computers – possibly even by next month – celebrations by F5 Networks are likely to be marred by the latest developments in the dispute over the ownership of the nginx web server source code: F5 is now being sued by Lynwood Investments, which claims to own the software.
The latest move comes after police raids on the offices of nginx and the home of one of its co-founders, Igor Sysoev, in December 2019. Russian search engine and e-commerce service provider, Rambler, alleged the webserver was developed while Igor Sysoev was a Rambler employee. Rambler transferred the rights to pursue the dispute to Lynwood Investments.
Meanwhile, nginx has also extended its recent new lead in the domains metric, with it now being used to host sites across 1.82 million more domains than last month.
Google was the only major vendor to gain active sites this month – a 2.12% increase to 19.3 million – and LiteSpeed was the only one to increase its presence among the top million websites, where it now has a share of 1.92%.
nginx 1.19.0 mainline was announced on 26 May. This first release in the 1.19.* stream adds client certificate validation with OCSP, as well as a few bug fixes. The latest stable version is still 1.18.0, which was released in April. The difference between these two release streams is that the mainline branch is where new features are added, while the stable branches receive only security and bug fixes. This gives the stable releases a fixed feature set, which increases compatibility with third-party modules.
| Developer | May 2020 | Percent | June 2020 | Percent | Change |
|---|---|---|---|---|---|
| nginx | 445,724,550 | 36.00% | 448,673,487 | 36.63% | 0.63 |
| Apache | 315,019,262 | 25.45% | 304,288,405 | 24.84% | -0.60 |
| Microsoft | 155,042,311 | 12.52% | 134,874,928 | 11.01% | -1.51 |
| | 44,304,867 | 3.58% | 43,449,240 | 3.55% | -0.03 |
This release contains bug fixes only (which includes security fixes):
– Increase cache buffers size to accommodate VLAN edits (#594)
– Correct L2 header length to correct IP header offset (#583)
– Fix warnings from gcc version 10 (#580)
– Heap Buffer Overflow in randomize_iparp (#579)
– Use after free in get_ipv6_next (#578)
– Heap Buffer Overflow in git_ipv6_next (#576)
– Call
**horde 5.2.23**

* [mjr] SECURITY: Fix javascript injection vulnerability in mobile login page.
* [mjr] Fix broken cloud search in portal block.