WordPress 5.0 RC3

2018-12-04 KENNETH 0

WordPress 5.0 RC3 The third release candidate for WordPress 5.0 is now available! WordPress 5.0 will be released on December 6, 2018. This is a big release and needs your help—if you haven’t tried 5.0 yet, now is the time! To test WordPress 5.0, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip). For details about what to expect in WordPress 5.0, please see the first release candidate post. This release candidate includes a fix for some scripts not loading on subdirectory installs (#45469), and user locale settings not being loaded in the block editor (#45465). Twenty Nineteen has also had a couple of minor tweaks. Plugin and Theme Developers Please test your plugins and themes against WordPress 5.0 and update the Tested up to version in the readme to 5.0. If you find compatibility problems, please be sure to post [ more… ]

No Image

USN-3836-2: Linux kernel (HWE) vulnerabilities

2018-12-04 KENNETH 0

USN-3836-2: Linux kernel (HWE) vulnerabilities linux-hwe, linux-gcp vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems linux-hwe – Linux hardware enablement (HWE) kernel Details USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955) Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from [ more… ]

No Image

RHSA-2018:3761-1: Important: ghostscript security and bug fix update

2018-12-04 KENNETH 0

RHSA-2018:3761-1: Important: ghostscript security and bug fix update Red Hat Enterprise Linux: An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-16863 Source: RHSA-2018:3761-1: Important: ghostscript security and bug fix update

No Image

RHSA-2018:3760-1: Important: ghostscript security update

2018-12-04 KENNETH 0

RHSA-2018:3760-1: Important: ghostscript security update Red Hat Enterprise Linux: An update for ghostscript is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-16509 Source: RHSA-2018:3760-1: Important: ghostscript security update

No Image

USN-3836-1: Linux kernel vulnerabilities

2018-12-04 KENNETH 0

USN-3836-1: Linux kernel vulnerabilities linux, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux – Linux kernel linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems linux-kvm – Linux kernel for cloud environments linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955) Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559) [ more… ]