[월:] 2022년 05월

No Image

USN-5259-3: Cron regression

2022-05-11 KENNETH 0

USN-5259-3: Cron regression USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. (CVE-2017-9525) Florian Weimer discovered that Cron incorrectly handled certain memory operations during crontab file creation. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-9704) It was discovered that Cron incorrectly handled user input during crontab file creation. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-9705) It was discovered that Cron contained a use-after-free vulnerability in its force_rescan_user function. An attacker could possibly use [ more… ]

New normal of hybrid life inspires latest generation of Windows 11 Lenovo Yoga Slim and Legion gaming PCs

2022-05-11 KENNETH 0

New normal of hybrid life inspires latest generation of Windows 11 Lenovo Yoga Slim and Legion gaming PCs Lenovo has unveiled a new generation of Windows 11 PCs to help people navigate the new normal of hybrid life. The seventh generation of Yoga devices are designed to help connect, consume, create and collaborate from home, school, the office and beyond. Lenovo’s Yoga 2-in-1 convertible laptops were pioneers in opening possibilities for users to flip and fold from work to play. Since then, Yoga has expanded to multiple form factors, including ultra-slim clamshell laptops and desktop computers. The Yoga Slim 7i Pro X and Yoga Slim 7 Pro X (known as Lenovo Slim 7i Pro X and Lenovo Slim 7 Pro X in the U.S.), enable creation anywhere, anytime. Next-gen processors power them with up to 32GB of LPDDR5 RAM and [ more… ]

No Image

USN-5409-1: libsndfile vulnerability

2022-05-11 KENNETH 0

USN-5409-1: libsndfile vulnerability It was discovered that libsndfile was incorrectly performing memory management operations and incorrectly using buffers when executing its FLAC codec. If a user or automated system were tricked into processing a specially crafted sound file, an attacker could possibly use this issue to cause a denial of service or obtain sensitive information. Source: USN-5409-1: libsndfile vulnerability

No Image

WordPress 6.0 Release Candidate 2 (RC2) Now Available for Testing

2022-05-11 KENNETH 0

WordPress 6.0 Release Candidate 2 (RC2) Now Available for Testing The next release candidate for WordPress 6.0 is now available!  WordPress 6.0 is scheduled for release on May 24th, 2022 – just two weeks from today. “Release Candidate” means that this version of WordPress is ready for release! Since the WordPress ecosystem includes thousands of plugins and themes, it is important that everyone within the WordPress community check to see if anything was missed along the way. That means the project would love your help. Thank you to everyone who has contributed towards testing and logging issues to help make WordPress 6.0 stable (and awesome). WordPress still needs your help testing, especially theme and plugin developers. Since the RC1 release on May 3rd, 2022, there have been approximately 40 issues resolved in Gutenberg and Trac. Installing RC2 This version of [ more… ]

No Image

USN-5408-1: Dnsmasq vulnerability

2022-05-11 KENNETH 0

USN-5408-1: Dnsmasq vulnerability Petr Menšík and Richard Johnson discovered that Dnsmasq incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or expose sensitive information. Source: USN-5408-1: Dnsmasq vulnerability