RedHat: RHSA-2018-3403:01 Important: thunderbird security update

Nov02
by Ike on November 2, 2018 at 12:27 am
Posted In: Other

(Oct 30) An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

 Comment 

RedHat: RHSA-2018-3425:01 Important: qemu-kvm security update

Nov02
by Ike on November 2, 2018 at 12:27 am
Posted In: Other

(Oct 30) An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact

 Comment 

Quarterly Updates | Q3 2018

Nov01
by Ike on November 1, 2018 at 4:46 pm
Posted In: Backups, CMS, General, PHP, Releases, security, Updates, Wordpress

To keep everyone aware of big projects and efforts across WordPress contributor teams, I’ve reached out to each team’s listed representatives. I asked each of them to share their Top Priority (and when they hope for it to be completed), as well as their biggest Wins and Worries. Have questions? I’ve included a link to each team’s site in the headings.

Accessibility

  • Contacted: @joedolson, @audrasjb, @arush
  • Priority: Work on authoring a manual for assistive technology users on Gutenberg, led by Claire Brotherton (@abrightclearweb). Continue to work on improving the overall user experience in Gutenberg. Update and organize the WP A11y handbook.
  • Struggle: Lack of developers and accessibility experts to help test and code the milestone issues. Still over 100 outstanding issues, and developing the Gutenberg AT manual helps expose additional issues. The announcement of an accessibility focus on 4.9.9 derailed our planning for Gutenberg in September with minimal productivity, as that goal was quickly withdrawn from the schedule.
  • Big Win: Getting focus constraint implemented in popovers and similar components in Gutenberg.

CLI

  • Contacted: @danielbachhuber, @schlessera
  • Priority: Current priority is v2.1.0 of WP-CLI, to polish the major refactoring v2.0.0 introduced. You can join in or follow progress on their site.
  • Struggle: Getting enough contributors to make peer-review possible/manageable.
  • Big Win: The major refactoring of v2 was mostly without any negative impacts on existing installs. It provided substantial improvements to maintainability including: faster and more reliable testing, more straight-forward changes to individual packages, and simpler contributor on-boarding.

Community

Core

  • Contacted: @jeffpaul
  • Priority: Continued preparation for the 5.0 release cycle and Gutenberg.
  • Struggle: Identifying tasks for first time contributors, as well as for new-to-JS contributors.

Design

  • Contacted: @melchoyce, @karmatosed, @boemedia, @joshuawold, @mizejewski
  • Priority: Preparing for WordPress 5.0 and continuing to work on better onboarding practices.
  • Struggle: Identifying tasks for contributor days, especially for small- to medium-sized tasks that can be fit into a single day.
  • Big Win: Regular contributions are starting to build up.

Documentation

  • Contacted: @kenshino
  • Priority: Getting HelpHub out before WordPress 5.0’s launch to make sure Gutenberg User Docs have a permanent position to reside
  • Struggle: Getting the documentation from HelpHub into WordPress.org/support is more manual than initially anticipated.
  • Big Win: Had a good discussion with the Gutenberg team about their docs and how WordPress.org expects documentation to be distributed (via DevHub, Make and HelpHub). Getting past the code blocks to release HelpHub (soon)

Hosting

  • Contacted: @mikeschroder, @jadonn
  • Priority: Helping Gutenberg land well at hosts for users in 5.0.
  • Struggle: Short time frame with few resources to accomplish priority items.
  • Big Win: Preparing Try Gutenberg support guide for hosts during the rollout and good reception from users following it.

Marketing

  • Contacted: @bridgetwillard
  • Priority: Continuing to write and publish case studies from the community.
  • Big Win: Onboarding guide is going well and is currently being translated.

Meta (WordPress.org Site)

  • Contacted: @tellyworth, @coffee2code
  • Priority: Support for other teams in the lead up to, and the follow-up of, the release of WP 5.0. ETA is the WP 5.0 release date (Nov 19) and thereafter, unless it gets bumped to next quarter.
  • Struggle: Maintaining momentum on tickets (still).
  • Big Win: Launch of front-end demo of Gutenberg on https://wordpress.org/gutenberg/

Mobile

  • Contacted: @elibud
  • Priority: Have an alpha version of Gutenberg in the WordPress apps, ETA end of year 2018.
  • Struggle: Unfamiliar tech stack and the goal of reusing as much of Gutenberg-web’s code as possible.
  • Big Win: Running mobile tests on web’s PRs.

Plugins

  • Contacted: @ipstenu
  • Priority: Cleaning up ‘inactive’ users, which was supposed to be complete but some work preparing for 5.0 was necessary.
  • Struggles: Devnotes are lacking for the upcoming release which slows progress.
  • Big Win: No backlog even though a lot were out!

Polyglots

Support

  • Contacted: @clorith
  • Priority: Preparing for the upcoming 5.0 release
  • Struggle: Finding a good balance between how much we want to help people and how much we are able to help people. Also, contributor recruitment (always a crowd favorite!)
  • Big Win: How well the team, on a global level, has managed to maintain a good flow of user engagement through support.

Theme Review

  • Contacted: @acosmin, @rabmalin, @thinkupthemes, @williampatton
  • Priority: Implementing the Theme Sniffer plugin on WordPress.org which is one step forward towards automation. ETA early 2019
  • Struggle: Not having so many contributors/reviewers.
  • Big Win: Implementing multiple requirements into our review flow, like screenshots and readme.txt requirements.

Training

  • Contacted: @bethsoderberg, @juliek
  • Priority: Getting the learn.wordpress.org site designed, developed, and being able to publish lesson plans to it.
  • Struggle: Getting contributors onboard and continually contributing. Part of that is related to the learn.wordpress.org site. People like to see their contributions.
  • Big Win: We have our new workflow and tools in place. We are also streamlining that process to help things go from idea to publication more quickly.

Interested in updates from the last quarter? You can find those here: https://wordpress.org/news/2018/07/quarterly-updates-q2-2018/

└ Tags: ,

The Month in WordPress: October 2018

Nov01
by Ike on November 1, 2018 at 8:40 am
Posted In: Backups, CMS, Month in WordPress, PHP, Releases, security, Wordpress

Teams across the WordPress project are working hard to make sure everything is ready for the upcoming release of WordPress 5.0. Find out what’s going on and how you can get involved.

The Plan for WordPress 5.0

Early this month, the planned release schedule was announced for WordPress 5.0, which was updated a few weeks later. WordPress 5.0 is a highly anticipated release, as it’s the official  launch of Gutenberg — the new block editor for WordPress Core. For more detail, check out this  granular timeline.

Along with the planned release schedule, @matt, who is heading up this release, announced leads for critical focuses on the project, including @matveb, @karmatosed, @laurelfulford, @allancole, @lonelyvegan, @omarreiss, @antpb, @pento, @chanthaboune, @danielbachhuber, and @mcsf.

WordPress 5.0 is currently in its second beta phase and will soon move to the release candidate status. Help test this release right now by installing the WordPress Beta Tester plugin on your site.

Want to get involved in building WordPress Core? Follow the Core team blog and join the #core channel in the Making WordPress Slack group. You can also help out by testing or translating the release into a local language.

New Editor for WordPress Core

Active development continues on Gutenberg, the new editing experience for WordPress Core. The latest release is feature complete, meaning that all further development on it will be to improve existing features and fix outstanding bugs.

Some have raised concerns about Gutenberg’s accessibility, prompting the development team to detail some areas in which the new editor is accessible. To help improve things further, the team has made a public call for accessibility testers to assist.

Want to get involved in building Gutenberg? Follow the Gutenberg tag on the Core team blog and join the #core-editor channel in the Making WordPress Slack group. Read this guide to find areas where you can have the most impact.

Migrating HelpHub to WordPress.org

HelpHub is an ongoing project to move all of WordPress’ user documentation from the Codex to the WordPress Support portal.

HelpHub has been developed on a separate staging server and it’s now time to migrate the new documentation to its home on WordPress.org. The plan is to have everything moved over  before WordPress 5.0 is released, so that all the new documentation will be available on the new platform from the start.

The HelpHub team has published a call for volunteers to help with the migration. If you would like to get involved, join the #docs channel in the Making WordPress Slack group, and contact @atachibana to get started.

A New Default Theme for WordPress

A brand new default theme — Twenty Nineteen — has been announced with development being led by @allancole. The theme is packaged with WordPress 5.0, so it will be following the same release schedule as Core.

The new theme is designed to integrate seamlessly with Gutenberg and showcase how you can build a theme alongside the new block editor and take advantage of the creative freedom that it offers.

Want to help build Twenty Nineteen? Join in on the theme’s GitHub repo and join the #core-themes channel in the Making WordPress Slack group.

Further Reading:

  • The Support team are putting together more formal Support Guidelines for the WordPress Support Forums.
  • The group focused on privacy tools in Core has released some details on the work they have been doing recently, with a roadmap for their plans over the next few months.
  • The Core team released an update about how WordPress will be compatible with PHP 7.3.
  • The Theme Review Team have published some new requirements regarding child themes, readme files and trusted authors in the Theme Directory.
  • The WordCamp Europe team are working on a PWA service for all WordCamp websites.

If you have a story we should consider including in the next “Month in WordPress” post, please submit it here.

└ Tags:

Ubuntu 3805-1: curl vulnerabilities

Nov01
by Ike on November 1, 2018 at 12:26 am
Posted In: Other

(Oct 31) Several security issues were fixed in curl.

 Comment 

50 queries. 8.75 mb Memory usage. 0.323 seconds.