The latest People of WordPress story features Raghavendra Satish Peri, a digital entrepreneur in web accessibility and digital marketing.
Archive for October, 2022
Libtasn1 could cause a crash when processing certain inputs.
Tis the season for spooky fun. Hear Josepha Haden Chomphosy read a Halloween-themed WordPress Mad Lib on the episode of the WP Briefing.
OpenShift API for Data Protection (OADP) 1.0.5 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
– url: use IDN decoded names for HSTS checks (CVE-2022-42916) – http_proxy: restore the protocol pointer on error (CVE-2022-42915) – netrc: replace fgets with Curl_get_line (CVE-2022-35260) – fix POST following PUT confusion (CVE-2022-32221)
Update to 2.28.1
– Update to 1.2.22
– Update to 1.2.22
Nicky Mouha discovered a buffer overflow in ‘sha3’, a Python library for the SHA-3 hashing functions. For the stable distribution (bullseye), this problem has been fixed in
A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code.
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2021-43980
It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. For the stable distribution (bullseye), these problems have been fixed in
A security issue was discovered in Chromium, which could result in the execution of arbitrary code. For the stable distribution (bullseye), this problem has been fixed in
Update to 2.4.9, fixes CVE-2022-30674.
Update to 2.4.9, fixes CVE-2022-30674.
A micro version update is now available for Red Hat Integration Camel K. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for puppet-mysql is now available for Red Hat OpenStack Platform 13.0 (Queens), 16.1 (Train), 16.2 (Train) and 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Updated Satellite 6.11 packages that fix several bugs are now available for Red Hat Satellite. 2. Relevant releases/architectures: Red Hat Satellite 6.11 for RHEL 7 – noarch
Update to 3.3.0.1 and CVE-2022-25844
This is the monthly .NET 6 update for September 2022. It updates the .NET SDK to 6.0.109 and Runtime to 6.0.9. This includes a fix for CVE-2022-38013
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution (bullseye), these problems have been fixed in
Several security issues were fixed in LibTIFF.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in DBus.
Update to version 4.16.6 – Security fixes for CVE-2022-3592 and CVE-2022-3437
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Several security issues were fixed in the Linux kernel.
curl could crash if it received a specially crafted POST operations after PUT operations.