Several security issues were fixed in curl.
Comment
Archive for June, 2022
184 results.
Update to 102.0.5005.115. Fixes: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635 CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640 CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861 CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866
Update govultr/vultr-cli —- Update to latest
– fix unpreserved file permissions (CVE-2022-32207) – fix Set-Cookie denial of service (CVE-2022-32205) – fix HTTP compression denial of service (CVE-2022-32206) – fix FTP-KRB bad message verification (CVE-2022-32208)
x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166]
– Update to new upstream (102.0)
In the June 2022 survey we received responses from 1,146,976,964 sites across 273,010,403 unique domains and 12,224,786 web-facing computers. This reflects a loss of 8.75 million sites and 583,000 domains, but a gain of 155,000 computers.
Cloudflare experienced strong growth this month, gaining 2.99 million sites and 85,000 domains, representing a 4.64% growth in its number of sites. Cloudflare experienced a significant outage on 21 June, impacting around half of the total requests made to its network. The outage lasted around an hour and a half and affected a significant number of popular sites. 20.2% of the million most visited sites rely on Cloudflare (up 1,400 sites since last month).
The three largest vendors by the million most visited sites metric—Apache, nginx, and Cloudflare—all have similar market share, though only Cloudflare gained market share this month. Apache saw the largest loss, dropping 2,190 sites (-0.96%), while nginx lost 280 sites (-0.13%).
LiteSpeed gained a significant number of sites with an addition of 2.96 million (+5.89%), and gained 171,000 (+2.21%) domains – the second largest increase this month. The number of web-facing computers using LiteSpeed also showed strong growth, increasing by 4,460 (+3.44%) to a total of 134,000.
nginx and Apache remain the two largest server vendors, though both saw similar losses of 6.52 million (-1.84%) and 6.18 million (-2.33%) sites this month. Despite this, nginx gained 795,000 (+1.06%) domains and saw continued growth in the number of web-facing computers with 158,000 (+3.44%) computers. Conversely, Apache lost 1.07 million domains (-1.71%) and 25,700 (-0.74%) web-facing computers.
Vendor news
- Apache httpd 2.4.54 was released on 8 June 2022. This release resolves multiple security issues, including several that affect mod_lua.
- nginx 1.23.0 was released on 21 June 2022. This is the first release in the 1.23.x mainline branch which will include newly developed features and bug fixes. By comparison, the 1.22.x stable branch released last month will only receive major bug fixes from the 1.23 mainline release. The update includes several changes that affect headers in addition to several bug fixes.
- njs 0.7.5 was also released on 21 June alongside nginx 1.23.0. njs is nginx’s JavaScript-based scripting language, and this update includes several small changes affecting headers in addition to bug fixes.
- Lighttpd 1.4.65 was released on 7 June 2022, bringing with it an implementation of WebSockets over HTTP/2. The release also includes an announcement of future scheduled behaviour changes that include using strong, modern TLS cipher suites by default.
- Apple announced support for Private Access Tokens in upcoming releases of iOS and macOS. This is part of the Privacy Pass standard, a collaboration between Apple, Google, and Cloudflare that can replace CAPTCHAs across the web by providing a secure way for the device to attest that it is an authentic device.
- Google Cloud recently added five new regional data centers, taking the total number of available GCP regions to 34. The new regions added were in Columbus, OH, Madrid, Dallas, TX, Milan, and Paris.
| Developer | May 2022 | Percent | June 2022 | Percent | Change |
|---|---|---|---|---|---|
| nginx | 354,871,628 | 30.71% | 348,349,326 | 30.37% | -0.33 |
| Apache | 265,688,420 | 22.99% | 259,509,062 | 22.63% | -0.36 |
| OpenResty | 92,848,366 | 8.03% | 92,789,967 | 8.09% | 0.06 |
| Cloudflare | 64,369,545 | 5.57% | 67,355,920 | 5.87% | 0.30 |
Several security issues were fixed in Vim.
In this series, we share some of the inspiring stories of how WordPress and its global network of contributors can change people’s lives for the better. This month we feature Leo Gopal, from South Africa, a back-end Developer and Customer Support agent on the encouragement and learning support the WordPress community can give. Writing as […]
Several security issues were fixed in Libjpeg6b.
Update to 91.11.0
– Update to new upstream (102.0)
Security fixes for CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2231, CVE-2022-2210, CVE-2022-2208, CVE-2022-2207, CVE-2022-2206
cloud-init could be made to expose sensitive information.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
Security fix for CVE-2022-1292 Upgrade to 1.1.1o, #2095817. See https://www.openssl.org/news/secadv/20220503.txt.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
uboot-tools-2022.04-2: * Fixes for Pine64 Pinebook Pro * Fix for CVE-2022-30767 (NFSv2) * Fix for CVE-2018-25032 (zlib)
Why the long face? Having trouble with Laravel? You’re in luck because hosting Laravel applications with Plesk becomes easy as pie! Read on to learn all about it. Install Your Laravel application Configure Your Laravel Application Manage Your Laravel Application Troubleshoot Your Laravel Application Deploy Your Laravel Application Are we missing anything? Let us know! To save your time for things that matter, we came up with the Laravel Toolkit, a Plesk extension that makes hosting Laravel applications a breeze. So, what can it do? Create a simple Laravel application with just a few clicks. No need to install anything…
The post Laravel Application Hosting in Plesk appeared first on Plesk.
Join WordPress Executive Director Josepha Haden Chomphosy as she covers planning for major releases and how you can get involved in the 6.1 release cycle!
Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution.
Multiple security issues were discovered in the Squid proxy caching server: CVE-2021-28116
Several security issues were fixed in curl.
Several security issues were fixed in SpiderMonkey JavaScript Library.
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,