New upstream version (139.0)
Comment
Archive for May, 2025
121 results.
This update contains the backported fix for CVE-2024-52804 (cookie parsing DoS vuln).
Update to 2025.88 (rhbz#2364904)
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the stable distribution (bookworm), these problems have been fixed in
ADOdb could be made to crash or run programs if it received specially crafted input.
Apport could be made to leak sensitive information.
Update package to release v0.24.0 Resolve: rhbz#2366388, rhbz#2360632 Upstream fixes and changes
Security update for CVE-2025-4574, GHSA-pg9f-39pc-qf8g: by rebuilding ruff, we ensure that it uses version 0.5.15 of the crossbeam-channel crate library. rust-hashlink 0.10.0 API incompatible change: upgrade hashbrown to 0.15 API incompatible change: we now wrap DefaultHashBuilder and DefaultHasher
The Qualys Threat Research Unit (TRU) discovered that systemd-coredump is prone to a kill-and-replace race condition which may allow a local attacker to gain sensitive information from crashed SUID processes. Additionally systemd-coredump does not specify %d (the kernel’s per-
Multiple vulnerabilities were discovered in libavif, a library for handling .avif files, which could result in denial of service or potentially the execution of arbitrary code.
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
USN-7537-1 caused a regression in net-tools.
The update for net-tools announced in DSA 5923-1 introduced a regression for ifconfig always showing zero value packet counters. Updated packages are now available to correct this issue. Two additional stack-based buffer overflow flaws are addressed in this update.
It was discovered that a double-free in the encoder of libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service and potentially the execution of arbitrary code.
It was discovered that Yelp, the help browser for the GNOME desktop, allowed help files to execute arbitrary scripts. Opening a malformed help file could have resulted in data exfiltration.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or cross-origin leaks.
Today, I’m pleased to announce the formation of a new WordPress AI Team, a dedicated group focused on accelerating and coordinating artificial intelligence projects across the WordPress ecosystem. AI is already transforming how people create and manage content online. As this technology evolves, it’s essential that WordPress remains at the forefront, ensuring innovation happens in […]
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the Indirect Target Selection (ITS) vulnerability (CVE-2024-28956) and the Branch Privilege Injection vulnerability (CVE-2024-45332).
We once again reached out to our incredible community with a quick survey to gather feedback on the features we delivered in 2024, as well as plans for 2025. This was our fifth annual survey, and we cannot fully express our gratitude for your participation. With 557 responses, we’ve compiled a comprehensive overview of the […]
The post Plesk 2024 Survey Results appeared first on Plesk.
If you want your website to rank higher on Google, tracking your SEO is one of the best things you can do. This means knowing how healthy your site is, which keywords are working, and what technical issues might be holding you back. The good news? You don’t have to do it all manually. In […]
The post Top SEO Monitoring Tools to Boost Your Website’s Performance appeared first on Plesk.
.NET could be used to perform spoofing over a network.
We’re excited to announce the latest updates and improvements in Plesk! This release brings a host of new features, enhancements, and important changes to ensure you have the best experience possible. Let’s dive into the highlights: Panel and Hosting Improvements Windows Server 2025 Support Support for Windows Server 2025 is now available. This update allows […]
The post Plesk Obsidian 18.0.69 is Here! appeared first on Plesk.
Enable CSS Overscroll Behavior by default. Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. Fix rendering when device scale factor change comes before the web view geometry update.
Mohamed Maatallah discovered a stack-based buffer overflow in the get_name() function in net-tools, a collection of programs for controlling the network subsystem of the Linux kernel, which may result in denial of service (application crash) or potentially the execution of