No Image

WordPress 6.0 Release Candidate 3 (RC3) Now Available for Testing

2022-05-18 KENNETH 0

WordPress 6.0 Release Candidate 3 (RC3) Now Available for Testing WordPress 6.0 is scheduled for release next week on May 24, 2022! This RC3 release is the final opportunity for you to test and help contribute to making the 6.0 release great. You can view changes since the RC2 release via Gutenberg and Trac. Installing RC3 This version of the WordPress software is under development. Please do not install, run, and test this version of WordPress on production or mission-critical websites. Instead, it is recommended that you install RC3 on a test server and site.  You can test WordPress 6.0 RC3 in three ways: Option 1: Install and activate the WordPress Beta Tester plugin (select the “Bleeding edge” channel and “Beta/RC Only” stream). Option 2: Direct download the release candidate (zip). Option 3: When using WP-CLI to upgrade from Beta [ more… ]

No Image

USN-5427-1: Apport vulnerabilities

2022-05-18 KENNETH 0

USN-5427-1: Apport vulnerabilities Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899) Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user. (CVE-2022-1242) Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652) Gerrit Venema discovered that Apport did not limit the amount of logging from D-Bus connections. A local attacker could possibly use this issue to fill up the Apport log file, leading to denial of service. (CVE-2022-28654) Gerrit Venema discovered that [ more… ]

No Image

Soar the skies of Italy and Malta in latest free World Update for Microsoft Flight Simulator

2022-05-18 KENNETH 0

Soar the skies of Italy and Malta in latest free World Update for Microsoft Flight Simulator Italy and Malta come alive with rich detail of the region’s grandeur in the latest free World Update of Microsoft Flight Simulator. “Fly throughout the historic cities of Rome and Venice, soar above Mediterranean coastlines and navigate sheer-faced peaks, all rendered in lifelike realism with World Update IX: Italy & Malta,” writes Jorg Neumann, Head of Microsoft Flight Simulator, in a post on Xbox Wire. “The Microsoft Flight Simulator team has refined this area with the latest geospatial data available, including digital elevation modeling, aerial and satellite imagery, and triangulated irregular network (TIN) modeling of 20 cities, including Rome, Naples, Venice and Milan.” Head over to Xbox Wire for details and images from the update that is available now for free. Source: Soar the [ more… ]

No Image

USN-5426-1: needrestart vulnerability

2022-05-18 KENNETH 0

USN-5426-1: needrestart vulnerability Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code. Source: USN-5426-1: needrestart vulnerability

No Image

USN-5423-2: ClamAV vulnerabilities

2022-05-18 KENNETH 0

USN-5423-2: ClamAV vulnerabilities USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770) Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771) Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785) Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV [ more… ]