An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Archive for October, 2022
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Security fix for CVE-2022-38784
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Several security issues were fixed in LibreOffice.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update is now available for Red Hat Openshift distributed tracing 2.6.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.
libXdmcp could be made to expose sensitive information.
Perl could be made to by pass signature verification.
Several vulnerabilities were discovered in Squid, a fully featured web proxy cache, which could result in exposure of sensitive information in the cache manager (CVE-2022-41317), or denial of service or information disclosure if Squid is configured to negotiate authentication with the
Libksba could be made to crash or run programs if it decoded specially crafted data.
WordPress 6.1 Release Candidate 2 is now available for download and testing. This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended that you test Release Candidate 2 on a test server and site.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in Git.
In the October 2022 survey we received responses from 1,130,378,382 sites across 271,883,623 unique domains, and 12,299,940 web-facing computers. This reflects a gain of 1.13 million sites, 258,363 unique domains, and 47,769 web-facing computers.
Cloudflare saw strong growth, with an increase of 9.44 million (+11.3%) sites resulting in an increase of 0.83pp in market share. It also gained a moderate 0.20 million unique domains (+0.79%), an increase of 0.06pp in market share.
Both nginx and Apache experienced decreases across all metrics. nginx lost 10.07 million (-3.15%) sites, a loss of 0.92pp in market share, 1,201 web-facing computers (-0.16pp market share), and 20,677 unique domains (-0.03pp market share). Apache lost 1.17 million sites (-0.13pp market share), 973 web-facing computers (-0.12pp market share), and 306,055 unique domains (-0.13pp market share).
Within the top million busiest sites, Apache remains the most used web server, but its market share continues its long-term downward trend, decreasing by 0.21pp. nginx also lost 0.12pp, but closes its gap to Apache to 3,622 sites. Cloudflare’s growth continues, with a gain of 0.07pp, bringing its market share to 20.83%. This reduces Apache’s lead to less than 1pp, and Cloudflare is set to overtake both Apache and nginx in the next few months if the trends continue.
OpenResty had the largest increase in web-facing computers, gaining 13,972 (+7.69%). However, it was overtaken by Cloudflare in overall number of sites after a decrease of 1.06 million (-1.14%) sites. It also saw a decrease of 0.26 million (-0.65%) unique domains, losing 0.11pp in market share.
Vendor news
- LiteSpeed Web Server 6.1 RC2 was released on 7th October 2022. This is the latest version in the LSWS 6.1 stream and includes support for the PROXY protocol.
- At Google Cloud Next ’22, Google anounced five new Google Cloud regions in Austria, Greece, Norway, South Africa, and Sweden. It also announced that the new C3 machine series is now available in private preview.
- Cloudflare enabled support for post-quantum hybrid key agreements on all websites and APIs served through it in protocols based on TLS 1.3. These agreements are a hybrid of the classical X25519 and the new post-quantum Kyber512 and Kyber768.
- Microsoft announces Azure Firewall Basic is now available in public preview, providing a more cost-effective network firewall protection aimed at small and medium businesses.
- AWS announced the launch of two new Local Zones in Taipei and Delhi, adding to its existing Local Zones in 33 cities in 27 countries.
Developer | September 2022 | Percent | October 2022 | Percent | Change |
---|---|---|---|---|---|
nginx | 319,472,149 | 28.29% | 309,403,564 | 27.37% | -0.92 |
Apache | 247,026,645 | 21.88% | 245,852,856 | 21.75% | -0.13 |
Cloudflare | 83,638,115 | 7.41% | 93,074,821 | 8.23% | 0.83 |
OpenResty | 92,645,981 | 8.20% | 91,587,837 | 8.10% | -0.10 |
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. In Debian the vulnerable code is in the bcel source package.
WordPress 6.0.3 is now available! This release features several security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 6.0.3 is a short-cycle release. The next major release will be version 6.1 planned for November 1, 2022. If […]