November is usually a busy month for the WordPress project, and this year is no different. Following the empowering release of WordPress 6.4, the energy continues to build, setting the stage for the anticipated State of the Word and upcoming projects.
Archive for December, 2023

Update to 120.0.6099.62, upstream release fixes the following security issues:
* High CVE-2023-6508: Use after free in Media Stream
* High CVE-2023-6509: Use after free in Side Panel Search
* Medium CVE-2023-6510: Use after free in Media Capture
* Low CVE-2023-6511: Inappropriate implementation in Autofill
* Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

TinyXML could be made to crash if it opened a specially crafted file.

Several security issues were fixed in FreeRDP.

Several security issues were fixed in GNU C Library.

BlueZ could be made to give a physically proximate attacker keyboard and mouse control of a computer.

upgrade to v0.10.7, CVE-2023-39325

upgrade to v0.10.7, close rhbz#2249798
WordPress 6.4.2 is now available! This minor release features 7 bug fixes in Core. The fixes include a bug fix for an issue causing stylesheet and theme directories to sometimes return incorrect results. This release also features one security fix. Because this is a security release, it is recommended that you update your sites immediately. […]

Several security issues were fixed in python-cryptography.

Several security issues were fixed in PostgreSQL.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in Open VM Tools.

Affected applications were rebuilt against version 0.10.60 of the `openssl` crate (the Rust bindings for OpenSSL) to address two security advisories:
- https://rustsec.org/advisories/RUSTSEC-2023-0044.html
- https://rustsec.org/advisories/RUSTSEC-2023-0072.html

- Updated to latest upstream (120.0.1)
- Fixed freezes on Google Maps
- Updated to latest upstream (120.0)

update to 119.0.6045.199, upstream security release
* High CVE-2023-6345: Integer overflow in Skia
* High CVE-2023-6346: Use after free in WebAudio
* High CVE-2023-6347: Use after free in Mojo
* High CVE-2023-6348: Type Confusion in Spellcheck
* High CVE-2023-6350: Out of bounds memory access in libavif
* High CVE-2023-6351: Use after free in libavif

HAProxy could be made to expose sensitive information.
The WordPress Security Team is aware of multiple ongoing phishing scams impersonating both the “WordPress team” and the “WordPress Security Team” in an attempt to convince administrators to install a plugin on their website which contains malware. The WordPress Security Team will never email you requesting that you install a plugin or theme on your […]

Several security issues were fixed in Request Tracker.
The latest People of WordPress features back-end web developer Artemy Kaydash, from Ukraine.

Rene Rehme discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly set headers when handling attachments. This would allow an attacker to load arbitrary JavaScript code.

USN-6509-1 caused some minor regressions in Firefox.

Update to 4.18.9 – Security fix for CVE-2018-14628

The 6.6.3 stable kernel update contains a number of important fixes across the tree.
PHP-FastCGI Process Manager (or PHP-FPM) is widely used on sites that use WordPress, a hugely popular content management system. PHP-FPM is a processor for PHP, one of the most common scripting languages, that enables WordPress sites to handle a greater volume of web traffic without relying on as many server resources as when using alternative PHP processors. How does PHP-FPM work? What security does it offer? And how easy is it to set up? We’ll cover all this and more in this guide to PHP-FPM.

The Structure of PHP-FPM

PHP is a high-level programming language. As a result, PHP scripts…
The post PHP-FPM: The Future of PHP Handling appeared first on Plesk.

Update to version 4.19.3 – Security fix for CVE-2018-14628

Security fix for CVE-2022-41717