Ike.ninja

Several security issues were fixed in curl.

Update govultr/vultr-cli —- Update to latest

x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166]

In the June 2022 survey we received responses from 1,146,976,964 sites across 273,010,403 unique domains and 12,224,786 web-facing computers. This reflects a loss of 8.75 million sites and 583,000 domains, but a gain of 155,000 computers.

Cloudflare experienced strong growth this month, gaining 2.99 million sites and 85,000 domains, representing a 4.64% growth in its number of sites. Cloudflare experienced a significant outage on 21 June, impacting around half of the total requests made to its network. The outage lasted around an hour and a half and affected a significant number of popular sites. 20.2% of the million most visited sites rely on Cloudflare (up 1,400 sites since last month).

The three largest vendors by the million most visited sites metric—Apache, nginx, and Cloudflare—all have similar market share, though only Cloudflare gained market share this month. Apache saw the largest loss, dropping 2,190 sites (-0.96%), while nginx lost 280 sites (-0.13%).

LiteSpeed gained a significant number of sites with an addition of 2.96 million (+5.89%), and gained 171,000 (+2.21%) domains – the second largest increase this month. The number of web-facing computers using LiteSpeed also showed strong growth, increasing by 4,460 (+3.44%) to a total of 134,000.

nginx and Apache remain the two largest server vendors, though both saw similar losses of 6.52 million (-1.84%) and 6.18 million (-2.33%) sites this month. Despite this, nginx gained 795,000 (+1.06%) domains and saw continued growth in the number of web-facing computers with 158,000 (+3.44%) computers. Conversely, Apache lost 1.07 million domains (-1.71%) and 25,700 (-0.74%) web-facing computers.

Vendor news

• Apache httpd 2.4.54 was released on 8 June 2022. This release resolves multiple security issues, including several that affect mod_lua.
• nginx 1.23.0 was released on 21 June 2022. This is the first release in the 1.23.x mainline branch which will include newly developed features and bug fixes. By comparison, the 1.22.x stable branch released last month will only receive major bug fixes from the 1.23 mainline release. The update includes several changes that affect headers in addition to several bug fixes.
• njs 0.7.5 was also released on 21 June alongside nginx 1.23.0. njs is nginx’s JavaScript-based scripting language, and this update includes several small changes affecting headers in addition to bug fixes.
• Lighttpd 1.4.65 was released on 7 June 2022, bringing with it an implementation of WebSockets over HTTP/2. The release also includes an announcement of future scheduled behaviour changes that include using strong, modern TLS cipher suites by default.
• Apple announced support for Private Access Tokens in upcoming releases of iOS and macOS. This is part of the Privacy Pass standard, a collaboration between Apple, Google, and Cloudflare that can replace CAPTCHAs across the web by providing a secure way for the device to attest that it is an authentic device.
• Google Cloud recently added five new regional data centers, taking the total number of available GCP regions to 34. The new regions added were in Columbus, OH, Madrid, Dallas, TX, Milan, and Paris.

In this series, we share some of the inspiring stories of how WordPress and its global network of contributors can change people’s lives for the better. This month we feature Leo Gopal, from South Africa, a back-end Developer and Customer Support agent on the encouragement and learning support the WordPress community can give. Writing as […]