KENNETH – 페이지 143 – 지락문화예술공작단

USN-6050-1: Git vulnerabilities

2023-05-01 KENNETH 0

USN-6050-1: Git vulnerabilities It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. (CVE-2023-25652) Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. (CVE-2023-25815) André Baptista and Vítor Pinho discovered that Git incorrectly handled certain configurations. An attacker could possibly use this issue to arbitrary configuration injection. (CVE-2023-29007) Source: USN-6050-1: Git vulnerabilities

People of WordPress: Monika Rao

2023-05-01 KENNETH 0

People of WordPress: Monika Rao This month we feature Monika Rao, a Product and Quality Assurance Manager from India. She finds contributing to the WordPress project a way to deepen her technical skills and further her web career. The People of WordPress series shares inspiring stories of how people’s lives can change for the better through WordPress and its global community of contributors. Monika was born in Udaipur, in the state of Rajasthan, India. At that time, she recalls, there was some resistance to girls’ education in certain subjects. Thanks to her parents’ support and encouragement, she graduated in Computer Science Engineering. Following graduation, she went on to work for an international firm. However, she felt she wanted to work in her home area and so returned to work for a firm based in Udaipur itself. Monika started her career journey with [ more… ]

Announcing Windows 11 Insider Preview Build 25352

2023-04-29 KENNETH 0

Announcing Windows 11 Insider Preview Build 25352 Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 25352 to the Canary Channel. Starting with today’s build, Windows Insiders in the Canary Channel will notice that the name of the branch shown in the desktop watermark has changed to ZN_RELEASE. Just like we have done in the past, we can change which branch we flight builds from. As our engineers work in development cycles internally, we may prioritize work being done in a specific branch and may need to move Insiders between branches. We are treating these builds the same as we would treat builds from the RS_PRERELEASE branch. As a result of this change, Insiders will notice that some features have been removed temporarily. We look to bring these features back to Insiders in the future. And builds [ more… ]

USN-6049-1: Netty vulnerabilities

2023-04-29 KENNETH 0

USN-6049-1: Netty vulnerabilities It was discovered that Netty’s Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-11612) It was discovered that Netty created temporary files with excessive permissions. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM, and Ubuntu 20.04 ESM. (CVE-2021-21290) It was discovered that Netty did not properly validate content-length headers. A remote attacker could possibly use this issue to smuggle requests. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2021-21295, CVE-2021-21409) It was discovered that Netty’s Bzip2 decompression decoder did not limit the decompressed output data size. A remote attacker [ more… ]

USN-6037-1: Apache Commons Net vulnerability

2023-04-28 KENNETH 0

USN-6037-1: Apache Commons Net vulnerability ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious FTP server could redirect the client to another server, which could possibly result in leaked information about services running on the private network of the client. Source: USN-6037-1: Apache Commons Net vulnerability