Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Comment
Archive for May, 2024
146 results.
WordCamp Europe 2024 kicks off on June 13, gathering WordPressers from across the globe to Torino, Italy. Find out more about the conference and how to live stream project Cofounder Matt Mullenweg’s mid-year update.
Several security issues were fixed in GNU C Library.
Update cacti and cacti-spine to version 1.2.27. This includes the upstream fixes for many CVEs, including a critical remote code execution bug. https://github.com/Cacti/cacti/blob/release/1.2.27/CHANGELOG https://github.com/Cacti/spine/blob/release/1.2.27/CHANGELOG
New version 4.2.5. Includes fixes for CVE-2024-4853, CVE-2024-4854, CVE-2024-4855.
Release 1.6.7 Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313) Fix bug where HTML entities in URLs were not decoded on HTML to plain text conversion (#9312) Fix bug in collapsing/expanding folders with some special characters in names
Update cacti and cacti-spine to version 1.2.27. This includes the upstream fixes for many CVEs, including a critical remote code execution bug. https://github.com/Cacti/cacti/blob/release/1.2.27/CHANGELOG https://github.com/Cacti/spine/blob/release/1.2.27/CHANGELOG
FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file.
PostgreSQL could be made to expose sensitive information.
PyMySQL could be vulnerable to SQL injection attacks.
browserify-sign could allow unintended access if it opened a specially crafted file.
Update to 115.11.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/ https://www.thunderbird.net/en-US/thunderbird/115.11.0/releasenotes/ https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/
Update to requests-2.32.0, fixes CVE-2024-35195.
An SQL injection was discovered in pymysql, a pure Python MySQL driver. For the oldstable distribution (bullseye), this problem has been fixed in version 0.9.3-2+deb11u1.
GStreamer Base Plugins could be made to crash or run programs as your login if it opened a specially crafted file.
Blog post for Privacy Policy, Pricing and Term Agreement and Bundling Agreement Updates We recently released updated versions of Privacy Policy, Pricing and Term Agreement and Technical Support Agreement. This post summarizes these changes. Privacy Policy Twice each year, we review our Privacy Policy. In the most recent review, we made the following changes: Changes […]
The post Privacy Policy, Pricing and Term Agreement and Bundling Agreement Updates first appeared on cPanel Blog.
Several security issues were fixed in TPM2 Software Stack.
Werkzeug could be made to execute code under certain circumstances.
As you might know, CentOS 7 and CloudLinux 7 will reach End-of-Life (EOL) support on June 30, 2024 by their respective upstream vendors. This means that after that date, these operating systems will no longer receive security updates from upstream vendors, making them more vulnerable to potential security issues. But don’t worry, we’ve got your […]
The post CentOS 7 and CloudLinux 7 End-of-Life first appeared on cPanel Blog.
Jinja2 could allow cross-site scripting (XSS) attacks.
Extended Life Support OSes Update
May29
on May 29, 2024
at 6:00 am
Posted In: Guides, internal server error, Plesk, Product and technology, Releases, Various, Wordpress, WordPress Error 500
Tricky errors like WordPress 500 Internal Server Error keep your site offline if they’re not fixed. Here’s how to solve this one.
The post Extended Life Support OSes Update appeared first on Plesk.
USN-6779-1 caused some minor regressions in Firefox.
Qt 6.7.1 bugfix update.
update to 125.0.6422.112 High CVE-2024-5274: Type Confusion in V8
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in FRR.
Flask-Security could be made to bypass URL validation and redirect to arbitary URL.
Several security issues were fixed in Git.
Unbound could be made to take part in a denial of service attack.
Netatalk could allow arbitrary code execution if it receives a specially crafted input.