No Image

USN-4679-1: Linux kernel vulnerabilities

2021-01-06 KENNETH 0

USN-4679-1: Linux kernel vulnerabilities It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656) Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-25668) Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) Jinoh Kang discovered that the Xen event channel infrastructure in the Linux kernel contained a race condition. An attacker in guest could possibly use this to cause a denial of service (dom0 crash). (CVE-2020-27675) Daniel Axtens discovered that PowerPC RTAS implementation [ more… ]

No Image

USN-4677-1: p11-kit vulnerabilities

2021-01-06 KENNETH 0

USN-4677-1: p11-kit vulnerabilities David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-4677-1: p11-kit vulnerabilities

No Image

USN-4676-1: OpenEXR vulnerabilities

2021-01-05 KENNETH 0

USN-4676-1: OpenEXR vulnerabilities It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Source: USN-4676-1: OpenEXR vulnerabilities

No Image

USN-4675-1: OpenStack Horizon vulnerability

2021-01-05 KENNETH 0

USN-4675-1: OpenStack Horizon vulnerability Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL. Source: USN-4675-1: OpenStack Horizon vulnerability

No Image

The Month in WordPress: December 2020

2021-01-05 KENNETH 0

The Month in WordPress: December 2020 We bid goodbye to 2020 in style with the release of WordPress 5.6 and the launch of Learn WordPress. But these weren’t the only exciting updates from WordPress in December. Read on to learn more! WordPress 5.6 is here The latest major WordPress release, version 5.6 “Simone”, came out on December 8. The release ships with a new default theme called Twenty Twenty One. It offers a host of features, including: Greater layout flexibility More block patterns Video captioning support Auto-updates Beta-compatibility for PHP 8.0 Application password support for the REST API Updates to jQuery In addition, WordPress 5.6 is now available in 55 languages. You can find more information about the release in the field guide, and you can update to the latest version directly from your WordPress dashboard or by downloading it [ more… ]