No Image

2017 WordPress Survey and WordCamp US

2017-10-27 KENNETH 0

2017 WordPress Survey and WordCamp US It’s time for the annual WordPress user and developer survey! If you’re a WordPress user, developer, or business owner, then we want your feedback. Just like previous years, we’ll share the data at the upcoming WordCamp US (WCUS). It only takes a few minutes to fill out the survey, which will provide an overview of how people use WordPress.  WordCamp US in Nashville The State of the Word includes stats and an overview of what's new in WordPress and is given every year at WCUS. Don't forget that tickets are available now so you can join the excitement in Nashville this year! Source: 2017 WordPress Survey and WordCamp US

No Image

USN-3464-1: Wget vulnerabilities

2017-10-27 KENNETH 0

USN-3464-1: Wget vulnerabilities Ubuntu Security Notice USN-3464-1 26th October, 2017 wget vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Wget. Software description wget – retrieves files from the web Details Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that Wgetincorrectly handled certain HTTP responses. A remote attacker could usethis issue to cause Wget to crash, resulting in a denial of service, orpossibly execute arbitrary code. (CVE-2017-13089, CVE-2017-13090) Dawid Golunski discovered that Wget incorrectly handled recursive ormirroring mode. A remote attacker could possibly use this issue to bypassintended access list restrictions. (CVE-2016-7098) Orange Tsai discovered that Wget incorrectly handled CRLF sequences inHTTP headers. A remote attacker could possibly use this issue to injectarbitrary HTTP headers. (CVE-2017-6508) Update instructions The problem [ more… ]

No Image

USN-3465-1: Irssi vulnerabilities

2017-10-27 KENNETH 0

USN-3465-1: Irssi vulnerabilities Ubuntu Security Notice USN-3465-1 26th October, 2017 irssi vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Irssi. Software description irssi – terminal based IRC client Details Brian Carpenter discovered that Irssi incorrectly handled messages withinvalid time stamps. A malicious IRC server could use this issue to causeIrssi to crash, resulting in a denial of service. (CVE-2017-10965) Brian Carpenter discovered that Irssi incorrectly handled the internal nicklist. A malicious IRC server could use this issue to cause Irssi to crash,resulting in a denial of service. (CVE-2017-10966) Joseph Bisch discovered that Irssi incorrectly removed destroyed channelsfrom the query list. A malicious IRC server could use this issue to causeIrssi to crash, resulting in a denial of service. (CVE-2017-15227) [ more… ]

No Image

USN-3466-1: systemd vulnerability

2017-10-27 KENNETH 0

USN-3466-1: systemd vulnerability Ubuntu Security Notice USN-3466-1 26th October, 2017 systemd vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Summary systemd could be made to temporarily stop responding if it received specially crafted network traffic. Software description systemd – system and service manager Details Karim Hossen & Thomas Imbert discovered that systemd-resolved incorrectlyhandled certain DNS responses. A remote attacker could possibly use thisissue to cause systemd to temporarily stop responding, resulting in adenial of service. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: systemd 234-2ubuntu12.1 Ubuntu 17.04: systemd 232-21ubuntu7.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2017-15908 Source: USN-3466-1: systemd vulnerability

No Image

RHSA-2017:3075-1: Important: wget security update

2017-10-27 KENNETH 0

RHSA-2017:3075-1: Important: wget security update Red Hat Enterprise Linux: An update for wget is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-13089, CVE-2017-13090 Source: RHSA-2017:3075-1: Important: wget security update