**Changes in version 1.6.0** Bug Fixes: * Introduce required service_name constructor argument to fix service hostname discovery exploitation vulnerability **CVE-2022-39369** (Henry Pan) * Set user agent [#421] (Fydon)
Archive for November 10th, 2022
**Changes in version 1.6.0** Bug Fixes: * Introduce required service_name constructor argument to fix service hostname discovery exploitation vulnerability **CVE-2022-39369** (Henry Pan) * Set user agent [#421] (Fydon)
**Changes in version 1.6.0** Bug Fixes: * Introduce required service_name constructor argument to fix service hostname discovery exploitation vulnerability **CVE-2022-39369** (Henry Pan) * Set user agent [#421] (Fydon)
Security fix for CVE-2022-3705 2139842 – vim upgrade broke :! for displaying terminal output —- patchlevel 803 —- The newest upstream commit Security fixes for CVE-2022-3256, CVE-2022-3324, CVE-2022-3352, CVE-2022-3235, CVE-2022-3234, CVE-2022-3296, CVE-2022-3297, CVE-2022-3278.
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
USN-5709-1 introduced minor regressions in Firefox
WavPack could be made to crash if it opened a specially crafted file.
In the November 2022 survey we received responses from 1,135,089,912 sites across 271,689,143 domains and 12,306,625 web-facing computers. This reflects a gain of 4.7 million sites, a loss of 194,480 domains, and a gain of 6,685 web-facing computers.
The biggest growth this month comes from Cloudflare, with it gaining 8.3 million sites (+8.91%) and 490,000 domains (+1.94%). Cloudflare now accounts for 8.93% of all sites seen by Netcraft, up by 0.70pp since October.
nginx saw significant losses in its number of sites and domains this month. It lost 8.5 million sites (-2.75%) and 490,000 domains (-0.66%). However, nginx still holds its strong lead as the most widely used web server software, with a market share of 26.51% sites. Apache has the second largest number of sites, with a market share of 21.40%.
LiteSpeed continues its strong growth — this month it gained 720,000 sites (+1.28%) and 110,000 domains (+1.32%). This brings its market share of sites from 4.97% to 5.01% (+0.04pp).
Following its web-wide trend, Cloudflare has also seen growth in the top million sites. Since October, it gained 1,733 of the top million sites, with its market share increasing from 20.83% to 21.00% (+0.17pp). Meanwhile, both Apache and nginx have lost market share in the top million sites, with Apache down from 21.72% to 21.66% (-0.06pp) and nginx down from 21.36% to 21.21% (-0.15pp).
Vendor news
- nginx 1.23.2 was released on 19th October 2022. This version fixes memory corruption and disclosure vulnerabilities in
ngx_http_mp4_module
. - njs 0.7.8, the scripting language used to extend nginx, was released on 25th October 2022, adding many language features and bug fixes.
- Apache Tomcat versions 8.5.83, 9.0.68, 10.0.27, and 10.1.1 were released on 3rd October 2022. Most of the changes are bugfixes.
- Cloudflare announced early access for Privacy Gateway, a proxy allowing HTTP traffic to be securely encapsulated. It is based on the Oblivious HTTP IETF draft.
- AWS announced two new Local Zones: Hamburg, Germany and Warsaw, Poland. These are the first locations in Europe, and add to the now 20 generally available Local Zones.


Developer | October 2022 | Percent | November 2022 | Percent | Change |
---|---|---|---|---|---|
nginx | 309,403,564 | 27.37% | 300,890,891 | 26.51% | -0.86 |
Apache | 245,852,856 | 21.75% | 242,899,324 | 21.40% | -0.35 |
Cloudflare | 93,074,821 | 8.23% | 101,367,889 | 8.93% | 0.70 |
OpenResty | 91,587,837 | 8.10% | 91,612,799 | 8.07% | -0.03 |
Logging Subsystem 5.5.4 – Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from