Debian: DSA-4744-1: roundcube security update
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to cross-site scripting vulnerabilities in handling invalid svg and math tag content.
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to cross-site scripting vulnerabilities in handling invalid svg and math tag content.
Security fix for CVE-2019-20907, CVE-2020-14422.
WordPress, the world’s most popular CMS (Content Management System), turns 17 years old this year, and what a year it has been! WordPress 5.5 “Eckstine” is the second major release this year and includes over 307 bug fixes, 157 enhancements, and feature requests, and 31 blessed tasks. From auto-updates to new improvements and block updates, WordPress 5.5 is feature-packed! Let’s jump in and take a look at some of the most significant updates: Automatic Theme and Plugin updates: Maintaining a WordPress site …
Here it is! Named “Eckstine” in honor of Billy Eckstine, this latest and greatest version of WordPress is available for download or update in your dashboard.
Welcome to WordPress 5.5.
Posts and pages feel faster, thanks to lazy-loaded images.
Images give your story a lot of impact, but they can sometimes make your site seem slow.
In WordPress 5.5, images wait to load until they’re just about to scroll into view. The technical term is ‘lazy loading.’
On mobile, lazy loading can also keep browsers from loading files meant for other devices. That can save your readers money on data — and help preserve battery life.
Say hello to your new sitemap.
WordPress sites work well with search engines.
Now, by default, WordPress 5.5 includes an XML sitemap that helps search engines discover your most important pages from the very minute you go live.
So more people will find your site sooner, giving you more time to engage, retain and convert them to subscribers, customers or whatever fits your definition of success.
Auto-updates for Plugins and Themes
Now you can set plugins and themes to update automatically — or not! — in the WordPress admin. So you always know your site is running the latest code available.
You can also turn auto-updates on or off for each plugin or theme you have installed — all on the same screens you’ve always used.
Update by uploading ZIP files
If updating plugins and themes manually is your thing, now that’s easier too — just upload a ZIP file.
Once again, the latest WordPress release packs a long list of exciting new features for the block editor. For example:
New block patterns make it simple and fun to create complex, beautiful layouts, using combinations of text and media that you can mix and match to fit your story.
You will also find block patterns in a wide variety of plugins and themes, with more added all the time. Pick any of them from a single place — just click and go!
Now it’s easier than ever to find the block you need. The new block directory is built right into the block editor, so you can install new block types to your site without ever leaving the editor.
Crop, rotate, and zoom your photos right from the image block. If you spend a lot of time on images, this could save you hours!
The highlights above are a tiny fraction of the new block editor features you’ve just installed. Open the block editor and enjoy!
Every release adds improvements to the accessible publishing experience, and that remains true for WordPress 5.5.
Now you can copy links in media screens and modal dialogs with a button, instead of trying to highlight a line of text.
You can also move meta boxes with the keyboard, and edit images in WordPress with your assistive device, as it can read you the instructions in the image editor.
5.5 also brings a big box of changes just for developers.
The addition of block types endpoints means that JavaScript apps (like the block editor) can retrieve definitions for any blocks registered on the server.
WordPress now has a standardized way to define a site’s environment type (staging, production, etc). Retrieve that type with wp_get_environment_type()
and execute only the appropriate code.
The Dashicons library has received its final update in 5.5. It adds 39 block editor icons along with 26 others.
The template loading functions (get_header()
, get_template_part()
, etc.) have a new $args
argument. So now you can pass an entire array’s worth of data to those templates.
redirect_guess_404_permalink()
.wp_opcache_invalidate()
function during updates (including to plugins and themes).register_taxonomy()
.register_meta()
.Leading this release were Matt Mullenweg, Jake Spurlock, and David Baumwald. Supporting them was this highly enthusiastic release squad:
Joining the squad throughout the release cycle were 805 generous volunteer contributors who collectively worked on over 523 tickets on Trac and over 1660 pull requests on GitHub.
Put on a Billy Eckstine playlist, click that update button (or download it directly), and check the profiles of the fine folks that helped:
A2 Hosting, a4jp . com, a6software, Aaron D. Campbell, Aaron Jorbin, abderrahman, Abha Thakor, Achal Jain, achbed, Achyuth Ajoy, acosmin, acsnaterse, Adam Silverstein, Addie, addyosmani, adnan.limdi, adrian, ahortin, airamerica, Ajay Ghaghretiya, Ajit Bohra, akbarhusen, akbarhusen429, Akhilesh Sabharwal, Akira Tachibana, Alain Schlesser, Albert Juhé Lluveras, Alex Concha, Alex Kirk, Alex Lende, Alex Shiels, Ali, ali11007, Allen Snook, amaschas, Amit Dudhat, anbumz, andfinally, Andrea Fercia, Andrea Middleton, Andrea Tarantini, Andrei Draganescu, Andrew Duthie, Andrew Nacin, Andrew Nevins, Andrew Ozz, Andrey “Rarst” Savchenko, Andrés Maneiro, Andy Fragen, Andy Meerwaldt, Andy Peatling, Angela Jin, Angelika Reisiger, Anh Tran, Ankit Gade, Ankit K Gupta, Ankit Panchal, Anne McCarthy, Anthony Burchell, Anton Timmermans, Antonis Lilis, apedog, archon810, argentite, Arpit G Shah, Arslan Ahmed, asalce, ashiagr, ashour, Atharva Dhekne, Aurélien Joahny, aussi, automaton, Ayesh Karunaratne, BackuPs, Barry, Barry Ceelen, Bart Czyz, bartekcholewa, bartkalisz, Bastien Ho, Bastien Martinent, bcworkz, bdbch, bdcstr, Ben Dunkle, Bence Szalai, bencroskery, Benjamin Gosset, Benoit Chantre, Bernhard Reiter, BettyJJ, bgermann, bigcloudmedia, bigdawggi, Bill Erickson, Birgir Erlendsson (birgire), Birgit Pauli-Haack, BjornW, bonger, Boone Gorges, Boris, Brandon Kraft, Brandon Payton, Brent Swisher, Brian Krogsgard, bruandet, Bunty, Burhan Nasir, caiocrcosta, Cameron Voell, cameronamcintyre, Carike, Carl Wuensche, Carlos Galarza, Carolina Nymark, Caroline Moore, Carrigan, ceyhun, Chad, Chad Butler, Charles Fulton, Chetan Prajapati, Chintan hingrajiya, Chip Snyder, Chloé Bringmann, Chouby, Chris Van Patten, chriscct7, Christian Chung, Christian Jongeneel, Christian Sabo, Christian Wach, Christoph Herr, cklee, clayray, Clifford Paulick, codeforest, Commeuneimage, Copons, Corey McKrill, cpasqualini, Cristovao Verstraeten, Csaba (LittleBigThings), Curtis Belt, Cyrus Collier, D.PERONNE, d6, Daniel Bachhuber, Daniel Hüsken, Daniel James, Daniel Llewellyn, Daniel Richards, Daniel Roch, Daniele Scasciafratte, Danny, Darko G., Darren Ethier (nerrad), Dave McHale, Dave Whitley, David A. Kennedy, David Aguilera, David Anderson, David Artiss, David Baumwald, David Binovec, David Brumbaugh, David E. Smith, David Herrera, David Ryan, David Shanske, David Smith, davidvee, dchymko, Debabrata Karfa, Deepak Lalwani, dekervit, Delowar Hossain, demetris, Denis Yanchevskiy, derekakelly, Derrick Hammer, Derrick Tennant, Diane Co, Dilip Bheda, Dimitris Mitsis, dingo-d, Dion Hulse, Dixita Dusara, djennez, dmenard, dmethvin, doc987, Dominik Schilling, donmhico, Dono12, Doobeedoo, Dossy Shiobara, dpacks, dratwas, Drew Jaynes, DrLightman, DrProtocols, dsifford, dudo, Dustin Bolton, dvershinin, Dylan Kuhn, Earle Davies, ecotechie, Eddie Moya, Eddy, Edi Amin, ehtis, Eileen Violini, Ekaterina, Ella van Durpe, elmastudio, Emanuel Blagonic, Emilie LEBRUN, Emmanuel Hesry, Enej Bajgoric, Enrico Sorcinelli, Enrique Piqueras, Enrique Sánchez, Eric, Eric Andrew Lewis, Eric Binnion, Erik Betshammar, Erin ‘Folletto’ Casali, esemlabel, esoj, espiat, Estela Rueda, etoledom, etruel, Ev3rywh3re, Evan Mullins, Fabian Kägy, Fabian Todt, Faisal Ahmed, Felix Arntz, Felix Edelmann, ferdiesletering, finomeno, Florian Brinkmann, Florian TIAR, Florian Truchot, florianatwhodunit, FolioVision, Francesca Marano, Francois Thibaud, Frank Goossens, Frank Klein, Frank.Prendergast, Franz Armas, Gabriel Koen, Gabriel Maldonado, Gabriel Mays, gadgetroid, Gal Baras, Garavani, garethgillman, Garrett Hyder, Gary Cao, Gary Jones, Gary Pendergast, Geert De Deckere, Gemini Labs, Gennady Kovshenin, geriux, Giorgio25b, gisselfeldt, glendaviesnz, goldsounds, Goto Hayato, Govind Kumar, Grégory Viguier, gradina, Greg Ziółkowski, gregmulhauser, grierson, Grzegorz.Janoszka, gsmumbo, Guido Scialfa, guidobras, Gunther Pilz, gwwar, H-var, hakre, Halacious, hankthetank, Hapiuc Robert, Hareesh Pillai, haukep, Haz, Hector F, Helen Hou-Sandi, Henry Wright, hlanggo, hommealone, Hoover, Howdy_McGee, hronak, huntlyc, Ian Belanger, Ian Dunn, Ian Stewart, ianjvr, ibdz, ifrins, infinum, Ipstenu (Mika Epstein), Isabel Brison, ishitaka, J.D. Grimes, jackfungi, jacklinkers, Jadon N, jadpm, jagirbahesh, Jake Spurlock, James Koster, James Nylen, Jan Koch, Jan Reilink, Jan Thiel, Janvo Aldred, Jarret, Jason Adams, Jason Coleman, Jason Cosper, Jason Crouse, Jason LeMahieu (MadtownLems), Jason Rouet, JasWSInc, Javier Casares, Jayson Basanes, jbinda, jbouganim, Jean-Baptiste Audras, Jean-David Daviet, Jeff Chandler, Jeff Farthing, Jeff Ong, Jeff Paul, Jen, Jenil Kanani, Jeremy Felt, Jeremy Herve, Jeremy Yip, jeryj, Jesin A, Jignesh Nakrani, Jim_Panse, Jip Moors, jivanpal, Joe Dolson, Joe Hoyle, Joe McGill, Joen Asmussen, Johanna de Vos, John Blackbourn, John Dorner, John James Jacoby, John P. Green, John Watkins, johnnyb, Jon Quach, Jon Surrell, Jonathan Bossenger, Jonathan Champ, Jonathan Christopher, Jonathan Desrosiers, jonkolbert, Jonny Harris, jonnybot, Jono Alderson, Joost de Valk, Jorge Bernal, Jorge Costa, Joseph Dickson, Josepha Haden, Josh Smith, JoshuaWold, Joy, Juanfra Aldasoro, juanlopez4691, Jules Colle, julianm, Juliette Reinders Folmer, Julio Potier, Julka Grodel, Justin Ahinon, Justin de Vesine, Justin Tadlock, justlevine, justnorris, K. Adam White, kaggdesign, Kailey (trepmal), Kaira, Kaitlin Bolling, KamataRyo, Kantari Samy, Kaspars, Kavya Gokul, keesiemeijer, Kelly Dwan, kennethroberson5556, Kevin Hagerty, Kharis Sulistiyono, Khokan Sardar, kinjaldalwadi, Kiril Zhelyazkov, Kirsty Burgoine, Kishan Jasani, kitchin, Kite, Kjell Reigstad, Knut Sparhell, Konstantin Obenland, Konstantinos Xenos, ksoares, KT Cheung, Kukhyeon Heo, lalitpendhare, Laterna Studio, laurelfulford, Laurens Offereins, Levdbas, Lew Ayotte, Lex Robinson, linyows, lipathor, Lisa Schuyler, liuhaibin, ljharb, logig, lucasbustamante, luiswill, Luke Cavanagh, Luke Walczak, lukestramasonder, M Asif Rahman, M.K. Safi, Maarten de Boer, Mahfoudh Arous, manojlovic, Manuel Schmalstieg, maraki, Marcin Pietrzak, Marcio Zebedeu, Marco Pereirinha, MarcoZ, Marcus, Marcus Kazmierczak, Marek Dědič, Marek Hrabe, Mario Valney, Marius Jensen, Mark Chouinard, Mark Parnell, Mark Uraine, markdubois, markgoho, Marko Andrijasevic, Marko Heijnen, MarkRH, markshep, markusthiel, Martijn van der Kooij, martychc23, Mary Baum, Matheus Martins, Mathieu Viet, Matias Ventura, matjack1, Matt Cromwell, Matt Mullenweg, Matt Radford, Matt van Andel, mattchowning, Matthew Boynes, Matthew Eppelsheimer, Matthew Gerring, Matthias Kittsteiner, Matthias Pfefferle, Matthieu Mota, mattyrob, Maxime Culea, Maxime Pertici, maxme, Mayank Majeji, mcshane, Mel Choyce-Dwan, Menaka S., mensmaximus, metalandcoffee, Michael, Michael Arestad, Michael Arestad, Michael Fields, Michael Nelson, Michele Butcher-Jones, Michelle, Miguel Fonseca, mihdan, Miina Sikk, Mikael Korpela, mikaumoto, Mike Crantea, Mike Glendinning, Mike Haydon, Mike Schinkel [WPLib Box project lead], Mike Schroder, Mikey Arce, Milana Cap, Milind More, mimi, mislavjuric, Mohammad Jangda, Mohammad Rockeybul Alam, Mohsin Rasool, Monika Rao, Morgan Kay, Morten Rand-Hendriksen, Morteza Geransayeh, moto hachi ( mt8.biz ), mrgrt, mrmist, mrTall, msaggiorato, Muhammad Usama Masood, Mukesh Panchal, munyagu, Nadir Seghir, Nahid Ferdous Mohit, Naoko Takano, narwen, Nate Gay, Nathan Rice, Navid, neonkowy, net, netpassprodsr, Nextendweb, Ngan Tengyuen, Nick Daugherty, Nicky Lim, nicolad, Nicolas Juen, NicolasKulka, Nidhi Jain, Niels de Blaauw, Niels Lange, nigro.simone, Nikhil Bhansi, Nikolay Bachiyski, Nilo Velez, Niresh, nmenescardi, Noah Allen, ntsekouras, NumidWasNotAvailable, oakesjosh, obliviousharmony, ockham, Omar Alshaker, onokazu, Optimizing Matters, ovann86, overclokk, p_enrique, Paal Joachim Romdahl, palmiak, Paresh Shinde, Parvand, Pascal Birchler, Pascal Casier, Paul Bearne, Paul Biron, Paul Fernhout, Paul Gibbs, Paul Ryan, Paul Schreiber, Paul Stonier, Paul Von Schrottky, pavelevap, Pedro Mendonça, pentatonicfunk, pepe, Peter “Pessoft” Kolínek, Peter Westwood, Peter Wilson, Phil Derksen, Phil Johnston, Philip Jackson, Pierre Gordon, pigdog234, pikamander2, pingram, Pionect, Piyush Patel, pkarjala, pkvillanueva, Prashant Baldha, pratik028, Pravin Parmar, Presskopp, Presslabs, Priyank Patel, Priyo Mukul, ProGrafika, programmin, Puneet Sahalot, pvogel2, r-a-y, Raaj Trambadia, Rachel Peter, raine, Ramanan, Rami Yushuvaev, Rastaban, RavanH, Ravat Parmar, ravenswd, rawrly, rebasaurus, Red Sand Media Group, Remy Perona, Remzi Cavdar, Renatho, renggo888, retlehs, retrofox, Riad Benguella, Rian Rietveld, riasat, Rich Tabor, Ringisha, ritterml, Rnaby, Rob Cutmore, Rob Migchels, rob006, Robert Anderson, Robert Chapin, Robert Peake, Ronald Huereca, Rostislav Wolný, Roy Tanck, ruxandra, Ryan Boren, Ryan Fredlund, Ryan Kienstra, Ryan McCue, Ryan Welcher, Ryota Sakamoto, ryotsun, Sören Wrede, Søren Brønsted, Sachit Tandukar, Sagar Jadhav, Sajjad Hossain Sagor, Sal Ferrarello, Salvatore Formisano, Sam Fullalove, Sam Webster, Samir Shah, Samuel Wood (Otto), samueljseay, Sander van Dragt, Sanket Mehta, sarahricker, Sathiyamoorthy V, Sayed Taqui, scarolan, scholdstrom, Scott Kingsley Clark, Scott Reilly, Scott Smith, Scott Taylor, scribu, scruffian, Sean Hayes, seanpaulrasmussen, seayou, senatorman, Sergey Biryukov, Sergey Predvoditelev, Sergio de Falco, sergiomdgomes, Shannon Smith, Shantanu Desai, shaunandrews, Shawn Hooper, shawnz, Shital Marakana, shulard, siliconforks, Simon Wheatley, simonjanin, sinatrateam, sjmur, skarabeq, skorasaurus, skoskie, slushman, snapfractalpop, SpearsMarketing, sphakka, squarecandy, sreedoap, Stanimir Stoyanov, Stefano Minoia, Stefanos Togoulidis, Steph Wells, Stephen Bernhardt, Stephen Cronin, Stephen Edgar, Steve Dufresne, stevegibson12, Steven Stern (sterndata), Steven Word, stevenkussmaul, stevenlinx, Stiofan, Subrata Sarkar, SUM1, Sunny, Sunny Ratilal, Sushyant Zavarzadeh, suzylah, Sybre Waaijer, Synchro, Sérgio Estêvão, Takayuki Miyauchi, Tammie Lister, Tang Rufus, TeBenachi, Tessa Watkins LLC, Tetsuaki Hamano, theMikeD, theolg, Thierry Muller, thimalw, Thomas M, Thorsten Frommen, Thrijith Thankachan, Tiago Hillebrandt, Till Krüss, Timothy Jacobs, Tkama, tmdesigned, tmoore41, TobiasBg, tobifjellner (Tor-Bjorn Fjellner), Tofandel, tomdude, Tommy Ferry, Tony G, Toro_Unit (Hiroshi Urabe), torres126, Torsten Landsiedel, Toru Miki, Travis Northcutt, treecutter, truongwp, tsimmons, Tung Du, Udit Desai, Ulrich, vabrashev, Vagios Vlachos, valchovski, Valentin Bora, Vayu Robins, veromary, Viktor Szépe, vinkla, virginienacci, Vladimir, vortfu, voyager131, vtieu, webaware, Weston Ruter, Whodunit, William Earnhardt, williampatton, Winstina, wpdesk, WPDO, WPMarmite, wppinar, Yahil Madakiya, yashrs, yoancutillas, yohannp, yuhin, Yuri Salame, Yvette Sonneveld, Zack Tollman, zaheerahmad, zakkath, Zebulan Stanphill, zieladam, and Česlav Przywara.
Many thanks to all of the community volunteers who contribute in the support forums. They answer questions from people across the world, whether they are using WordPress for the first time or since the first release. These releases are more successful for their efforts!
Finally, thanks to all the community translators who worked on WordPress 5.5. Their efforts bring WordPress fully translated to 46 languages at release time, with more on the way.
If you want to learn more about volunteering with WordPress, check out Make WordPress or the core development blog.
An update for servicemesh is now available for OpenShift Service Mesh 1.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
58 queries. 8.75 mb Memory usage. 1.548 seconds.