[월:] 2023년 03월

No Image

WordPress 6.2 Release Candidate 1

2023-03-10 KENNETH 0

WordPress 6.2 Release Candidate 1 WordPress 6.2’s first release candidate (RC1) is here and ready for testing. Reaching this part of the release cycle is a key milestone. While we consider release candidates ready for final release, additional testing and use by the community can only make it better. The official release of 6.2 is just three short weeks away on March 28. In open source, we say with many eyes, all bugs are shallow, so we ask everyone across the WordPress ecosystem—theme and plugin developers, educators, agencies, and creators—to jump in and help test. This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended that you test RC1 on a test server and site.  You can test WordPress 6.2 RC1 [ more… ]

Lenovo launches Windows 11-powered ThinkStation PX, P7 and P5

2023-03-10 KENNETH 0

Lenovo launches Windows 11-powered ThinkStation PX, P7 and P5 Lenovo’s latest trio of Windows 11 desktop workstations are what the company calls its most technologically advanced, with the latest Xeon processors from Intel and support for high-end NVIDIA RTX professional GPUs to handle machine learning, data science, AI development and more. The ThinkStation PX, P7 and P5 also come with a new chassis co-designed with Aston Martin – the U.K.-based high-performance luxury auto maker. The two companies worked together over three years to apply insights from both industries to make a tool-less chassis with unobstructed airflow, ensuring maximum cold air intake and hot air exhaust. The 3D grill maximizes the performance of CPUs, GPUs, memory and storage. All three workstations also have front access drives for easy serviceability and upgrade flexibility. These workstations include Windows 11, which introduced a major [ more… ]

No Image

USN-5942-1: Apache HTTP Server vulnerabilities

2023-03-09 KENNETH 0

USN-5942-1: Apache HTTP Server vulnerabilities Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2023-25690) Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy_uwsgi module incorrectly handled certain special characters. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2023-27522) Source: USN-5942-1: Apache HTTP Server vulnerabilities

No Image

USN-5941-1: Linux kernel (KVM) vulnerabilities

2023-03-09 KENNETH 0

USN-5941-1: Linux kernel (KVM) vulnerabilities It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0179) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) Maxim Levitsky discovered that the KVM nested virtualization (SVM) [ more… ]

No Image

USN-5940-1: Linux kernel (Raspberry Pi) vulnerabilities

2023-03-09 KENNETH 0

USN-5940-1: Linux kernel (Raspberry Pi) vulnerabilities It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169) It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3424) Gwangun Jung discovered a race condition in the IPv4 implementation [ more… ]