[월:] 2022년 11월

Introducing Twenty Twenty-Three

2022-11-09 KENNETH 0

Introducing Twenty Twenty-Three This post was written in collaboration with Lauren Stein (@laurlittle) and Anne McCarthy @annezazu). Twenty Twenty-Three is here, alongside WordPress 6.1! The new default theme offers a clean, blank canvas bundled with a collection of style variations. Style variations are predefined design options that give you the opportunity to alter the appearance of your site without having to change your theme. This means that you can keep your template structure but change the visual details of your site with ease. For a truly diverse collection, Twenty Twenty-Three’s featured style variations were submitted by members of the WordPress community, resulting in 38 submissions from 19 people in 8 different countries. From those submissions, a curated collection of ten was chosen and bundled with the new theme. This approach to style variations ushers in the next generation of block [ more… ]

No Image

USN-5717-1: PHP vulnerabilities

2022-11-08 KENNETH 0

USN-5717-1: PHP vulnerabilities It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31628) It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data (CVE-2022-31629) It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-31630) Nicky Mouha discovered that PHP incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS. (CVE-2022-37454) Source: USN-5717-1: PHP vulnerabilities

No Image

USN-5718-1: pixman vulnerability

2022-11-08 KENNETH 0

USN-5718-1: pixman vulnerability Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-5718-1: pixman vulnerability

No Image

USN-5714-1: LibTIFF vulnerabilities

2022-11-08 KENNETH 0

USN-5714-1: LibTIFF vulnerabilities It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. (CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2953) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to allow for information disclosure or to cause the application to crash. This issue only affected to Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2867, CVE-2022-2868, CVE-2022-2869) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using tiffsplit. An attacker could trick a user [ more… ]

Announcing Windows 11 Insider Preview Build 22621.885 and 22623.885

2022-11-08 KENNETH 0

Announcing Windows 11 Insider Preview Build 22621.885 and 22623.885 Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 22621.885 and Build 22623.885 (KB5020054) to the Beta Channel. Build 22623.885= New features rolling out. Build 22621.885 = New features off by default. REMINDER: Insiders who were previously on Build 22622 will automatically get moved to Build 22623 via an enablement package. The enablement package artificially increments the build number for the update with new features getting rolled out and turned on to make it easier to differentiate from devices with the update with features off by default. This approach is being used for the Beta Channel only and is not indicative of any changes or plans for final feature rollouts. Insiders who landed in the group with new features turned off by default (Build 22621.xxxx) can check for updates [ more… ]