(Oct 9) Several security issues were fixed in GnuPG.
Ubuntu: 1988-1: Cyrus SASL vulnerability
(Oct 9) Cyrus SASL could be made to crash if it processed specially crafted input.
Debian: 2771-1: nas: Multiple vulnerabilities
(Oct 9) Hamid Zamani discovered multiple security problems (buffer overflows, format string vulnerabilities and missing input sanitising), which could lead to the execution of arbitrary code. [More…]
Debian: 2772-1: typo3-src: cross-site scripting
(Oct 10) Markus Pieton and Vytautas Paulikas discovered that the embedded video and audio player in the TYPO3 web content management system is suspectible to cross-site-scripting. [More…]
WordPress 3.7 Beta 2 is now available for download and testing. This is software still in development, so we don’t recommend that you run it on a production site.
This has been a quiet beta period. We’re hoping to get some more testers for automatic background updates, which will occur for security and minor releases (like updating from 3.7 to 3.7.1). It’s really easy to test this, as Beta 2 will update* each day to the latest development version and then email you the results. If something goes wrong, you can report it — it’s that simple. To get the beta, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip). Check out Dashboard → Updates to see if your install is eligible for background updates. WordPress won’t update if, for example, you’re using version control like SVN or Git.
For more of what’s new in version 3.7, check out the Beta 1 blog post. In Beta 2, we further increased the stability of background updates and also added about 50 bug fixes, including a fix for Internet Explorer 11 in the visual editor.
If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. Or, if you’re comfortable writing a bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed.
Happy testing!
Beta 2 released
Dotting i’s and crossing t’s
Expect RC next