Update to 3.2.5, fixing CVE-2018-1311 and CVE-2023-37536
Archive for December, 2023
Update to 3.2.5, fixing CVE-2018-1311 and CVE-2023-37536
It was discovered that missing input sanitising in libspreadsheet-parseexcel-perl, a Perl module to access information from Excel Spreadsheets, may result in the execution of arbitrary commands if a specially crafted document file is processed.
Security fix for CVE-2023-48795 (Terrapin SSH protocol attack), affecting mod_sftp.
Security fix for CVE-2023-48795
Security fix for CVE-2023-48795 (Terrapin SSH protocol attack), affecting mod_sftp.
release v0.15.0 includes security fix for [CVE-2023-48795]
– New version 6.6 – Important security fixes – Removed gopher support
release v0.15.0 includes security fix for [CVE-2023-48795]
– New version 6.6 – Important security fixes – Removed gopher support
The Site Editor gives you a powerful way to visually create every part of your site and tell your story. It lets you handle everything from big stylistic changes to simple copy updates all in a single place. To help you make the most of this new way to WordPress, here are a few standout […]
Several vulnerabilities were discovered in libssh, a tiny C SSH library. CVE-2023-6004
Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling or information disclosure.
Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data.
Fix for CVE-2023-48107
Fix for Terrapin vulnerability
Fix for CVE-2023-48107
In this episode, WordPress Executive Director Josepha Haden Chomphosy reflects on the recent 2023 State of the Word, which took place in Madrid, Spain, and some of the highlights of the work across the WordPress open source project.
# UnrealIRCd 6.1.4 This release fixes a crash issue with websockets in UnrealIRCd 6.1.0 – 6.1.3. The full advisory with all details is available at: https://forums.unrealircd.org/viewtopic.php?t=9340 ## Fixes * Crash that can be triggered by users when [Websockets](https://www.unrealircd.org/docs/WebSocket_support) are in use (a
# UnrealIRCd 6.1.4 This release fixes a crash issue with websockets in UnrealIRCd 6.1.0 – 6.1.3. The full advisory with all details is available at: https://forums.unrealircd.org/viewtopic.php?t=9340 ## Fixes * Crash that can be triggered by users when [Websockets](https://www.unrealircd.org/docs/WebSocket_support) are in use (a
Update to 1.22.7, fixes CVE-2023-37327, CVE-2023-37328, CVE-2023-37329.
Update to 1.22.7, fixes CVE-2023-37327, CVE-2023-37328, CVE-2023-37329.
Update to 1.22.7, fixes CVE-2023-37327, CVE-2023-37328, CVE-2023-37329.
Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the “Terrapin attack”. This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport
update to 120.0.6099.129 – High CVE-2023-7024: Heap buffer overflow in WebRTC
Two security issues were discovered in Curl: Cookies were incorrectly validated against the public suffix list of domains and in same cases HSTS data could fail to save to disk.
Fix for terrapin vulnerability
Fix for terrapin vulnerability
New upstream release (#2240701) with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661
Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617