[월:] 2022년 03월

No Image

USN-5310-1: GNU C Library vulnerabilities

2022-03-02 KENNETH 0

USN-5310-1: GNU C Library vulnerabilities Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2016-10228, CVE-2019-25013, CVE-2020-27618, CVE-2020-29562, CVE-2021-3326) Jason Royes and Samuel Dytrych discovered that the GNU C Library incorrectly handled signed comparisons on ARMv7 targets. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-6096) It was discovered that the GNU C Library nscd daemon incorrectly handled certain netgroup lookups. An attacker could possibly use this [ more… ]

No Image

People of WordPress: Tonya Mork

2022-03-01 KENNETH 0

People of WordPress: Tonya Mork In this series, we share some of the inspiring stories of how WordPress and its global network of contributors can change people’s lives for the better. This month we feature a website developer and engineer from the US, who found the software and its community provide the impetus to keep her going forward. WordPress gave Tonya Mork a new lease of energy after a health crisis from which she nearly died. She had spent two decades as an electrical and software engineer in high tech automated manufacturing. But when she discovered the WordPress software, teaching it to others became her new purpose. Through this discovery, she has gone on to help thousands of developers understand and build code in great depth. As part of her WordPress journey, she has shared her skills in the roles [ more… ]

No Image

Forza Horizon 5 update introduces sign language support

2022-03-01 KENNETH 0

Forza Horizon 5 update introduces sign language support Even though Cameron Akitt grew up hard of hearing, for him British Sign Language is a second language. English is his first. An avid gamer, subtitles supplement what he hears, correcting things he may have misheard or missed because of too much background noise. But he has friends who are deaf, for whom reading captions can cause fatigue.    “For them, it’s a really tiring experience, not being able to access your first language,” says Akitt, a London-based teacher of deaf/hard of hearing young children in a hospital-based school. “We should be able to access the same story beats and narrative components. Otherwise, we’re only getting half the picture and not getting the full experience. Including sign language is about enabling more deaf and hard of hearing people to have ownership over their [ more… ]

No Image

USN-5309-1: virglrenderer vulnerabilities

2022-03-01 KENNETH 0

USN-5309-1: virglrenderer vulnerabilities It was discovered that virglrenderer incorrectly handled memory. An attacker inside a guest could use this issue to cause virglrenderer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-0135) It was discovered that virglrenderer incorrectly initialized memory. An attacker inside a guest could possibly use this issue to obtain sensitive host information. (CVE-2022-0175) Source: USN-5309-1: virglrenderer vulnerabilities