[월:] 2021년 06월

WordPress 5.8 Beta 3

2021-06-23 KENNETH 0

WordPress 5.8 Beta 3 WordPress 5.8 Beta 3 is now available for testing! This software is still in development, so it is not recommended to run this version on a production site. Consider setting up a test site to play with it. You can test the WordPress 5.8 Beta 3 in three ways: Install/activate the WordPress Beta Tester plugin (select the Bleeding edge channel and the Beta/RC Only stream). Direct download the beta version here (zip). Using WP-CLI to test: wp core update –version=5.8-beta3 The current target for the final release is July 20, 2021. That’s just four weeks away, so we need your help to make the final release is as good as it can be. Some Highlights Since Beta 2, 38 bugs have been fixed. Here is a summary of some of the included changes: Block Editor: Move caching to endpoint for [ more… ]

No Image

USN-4997-1: Linux kernel vulnerabilities

2021-06-23 KENNETH 0

USN-4997-1: Linux kernel vulnerabilities Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy [ more… ]

No Image

Releasing Windows Feature Experience Pack 120.2212.3920.0 to the Beta & Release Preview Channels

2021-06-23 KENNETH 0

Releasing Windows Feature Experience Pack 120.2212.3920.0 to the Beta & Release Preview Channels Hello Windows Insiders, Today, we are releasing Windows Feature Experience Pack 120.2212.3920.0 to Windows Insiders in the Beta and Release Preview Channels. For Windows Insiders in the Release Preview Channel, this will be an optional update for you. NOTE: This update will NOT be offered to commercial devices in the Release Preview Channel. These devices are devices AAD-joined and/or running the Windows 10 Enterprise edition. These customers will get Windows Feature Experience Packs delivered through “C” Preview releases which then get rolled up into monthly “B” releases. This enables commercial customers to test all the non-security fixes and features that will be rolled up into the next monthly “B” release. See this blog post for the details on the existing servicing process for Windows 10. This update only applies to [ more… ]

No Image

Sonic the Hedgehog DLC now available for Minecraft for Windows 10

2021-06-23 KENNETH 0

Sonic the Hedgehog DLC now available for Minecraft for Windows 10 To celebrate Sonic the Hedgehog’s 30th birthday June 23, free downloadable content tied to the speedster is now available for Minecraft for Windows 10. You’ll find rings to collect, along with plenty of obstacles to dash past, bosses to defeat and momentum to build towards a high score. Find out more on Minecraft.net. Source: Sonic the Hedgehog DLC now available for Minecraft for Windows 10

No Image

USN-4995-1: Thunderbird vulnerabilities

2021-06-23 KENNETH 0

USN-4995-1: Thunderbird vulnerabilities Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. (CVE-2021-23961, CVE-2021-23981, CVE-2021-23982, CVE-2021-23987, CVE-2021-23994, CVE-2021-23998, CVE-2021-23999, CVE-2021-29945, CVE-2021-29946, CVE-2021-29967) It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. (CVE-2021-23984) Multiple security issues were discovered in Thunderbird’s OpenPGP integration. If a user were tricked into importing a specially crafted key in some circumstances, an attacker could potentially exploit this to cause a denial [ more… ]