Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.
Archive for August 25th, 2020
Internet Governance Forum USA 2020 Recap
As freedom of speech and fake news take center stage in the international dialogue, The Internet Governance Forum USA 2020 took these subjects and who is responsible head-on. cPanel’s General Counsel, David Snead, was part of the online panel discussion on “Should online platforms moderate and be accountable for user-created content?”. Other panelists included Former U.S. Congressman Chris Cox, Berkley Professor Hany Farid, Syd Terry – the Legislative Director …
The post Internet Governance Forum USA 2020 Recap first appeared on cPanel Blog.
Joomla 3.9.21 Release
Joomla 3.9.21 is now available. This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains over 20 bug fixes and improvements.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 2.5.0-3.9.20
- Exploit type: Directory Traversal
- Reported Date: 2020-February-02
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24597
Description
Lack of input validation allows com_media root paths outside of the webroot.
Affected Installs
Joomla! CMS versions 2.5.0 – 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.0.0-3.9.20
- Exploit type: Open Redirect
- Reported Date: 2020-July-05
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24598
Description
Lack of input validation in com_content leads to an open redirect.
Affected Installs
Joomla! CMS versions 3.0.0 – 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.9.0-3.9.20
- Exploit type: XSS
- Reported Date: 2020-August-21
- Fixed Date: 2020-August-25
- CVE Number: CVE-2020-24599
Description
Lack of escaping in mod_latestactions allows XSS attacks.
Affected Installs
Joomla! CMS versions 3.9.0 – 3.9.20
Solution
Upgrade to version 3.9.21
Contact
The JSST at the Joomla! Security Centre.
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
Several security issues were fixed in PostgreSQL.