No Image

USN-3382-1: PHP vulnerabilities

2017-08-11 KENNETH 0

USN-3382-1: PHP vulnerabilities Ubuntu Security Notice USN-3382-1 10th August, 2017 php5, php7.0 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in PHP. Software description php5 – HTML-embedded scripting language interpreter php7.0 – HTML-embedded scripting language interpreter Details It was discovered that the PHP opcache created keys for files it cachedbased on their filepath. A local attacker could possibly use this issue ina shared hosting environment to obtain sensitive information. This issueonly affected Ubuntu 14.04 LTS. (CVE-2015-8994) It was discovered that the PHP URL parser incorrectly handled certain URIcomponents. A remote attacker could possibly use this issue to bypasshostname-specific URL checks. This issue only affected Ubuntu 14.04 LTS.(CVE-2016-10397) It was discovered that PHP incorrectly handled certain boolean parameterswhen unserializing data. A remote attacker [ more… ]

No Image

USN-3383-1: libsoup vulnerability

2017-08-11 KENNETH 0

USN-3383-1: libsoup vulnerability Ubuntu Security Notice USN-3383-1 10th August, 2017 libsoup2.4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Applications using libsoup could be made to crash or run programs as your login if it received specially crafted network traffic. Software description libsoup2.4 – HTTP client/server library for GNOME Details Aleksandar Nikolic discovered a stack based buffer overflow whenhandling chunked encoding. An attacker could use this to cause adenial of service or possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: libsoup2.4-1 2.56.0-2ubuntu0.1 gir1.2-soup-2.4 2.56.0-2ubuntu0.1 libsoup-gnome2.4-1 2.56.0-2ubuntu0.1 Ubuntu 16.04 LTS: libsoup2.4-1 2.52.2-1ubuntu0.2 gir1.2-soup-2.4 2.52.2-1ubuntu0.2 libsoup-gnome2.4-1 2.52.2-1ubuntu0.2 Ubuntu 14.04 LTS: libsoup2.4-1 2.44.2-1ubuntu2.2 gir1.2-soup-2.4 2.44.2-1ubuntu2.2 libsoup-gnome2.4-1 2.44.2-1ubuntu2.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. [ more… ]

This Week on Windows: Microsoft Education, MINECON, Mixed Reality and more

2017-08-11 KENNETH 0

This Week on Windows: Microsoft Education, MINECON, Mixed Reality and more We hope you enjoyed today’s episode of This Week on Windows! Head over here to learn about the exciting changes coming to MINECON and what’s new to Office 365 in July, read our Windows 10 Tip on how you can see your 3D creations take life in Remix 3D, or, keep reading for what’s new in the Windows Store. In case you missed it: <!– !function(a,b){"use strict";function c(){if(!e){e=!0;var a,c,d,f,g=-1!==navigator.appVersion.indexOf("MSIE 10"),h=!!navigator.userAgent.match(/Trident.*rv:11./),i=b.querySelectorAll("iframe.wp-embedded-content");for(c=0;c<i.length;c++){if(d=i,!d.getAttribute("data-secret"))f=Math.random().toString(36).substr(2,10),d.src+="#?secret="+f,d.setAttribute("data-secret",f);if(g||h)a=d.cloneNode(!0),a.removeAttribute("security"),d.parentNode.replaceChild(a,d)}}}var d=!1,e=!1;if(b.querySelector)if(a.addEventListener)d=!0;if(a.wp=a.wp||{},!a.wp.receiveEmbedMessage)if(a.wp.receiveEmbedMessage=function(c){var d=c.data;if(d.secret||d.message||d.value)if(!/[^a-zA-Z0-9]/.test(d.secret)){var e,f,g,h,i,j=b.querySelectorAll('iframe[data-secret="'+d.secret+'"]'),k=b.querySelectorAll('blockquote[data-secret="'+d.secret+'"]');for(e=0;e<k.length;e++)k[e].style.display="none";for(e=0;e1e3)g=1e3;else if(~~g<!]]> <!– !function(a,b){"use strict";function c(){if(!e){e=!0;var a,c,d,f,g=-1!==navigator.appVersion.indexOf("MSIE 10"),h=!!navigator.userAgent.match(/Trident.*rv:11./),i=b.querySelectorAll("iframe.wp-embedded-content");for(c=0;c<i.length;c++){if(d=i,!d.getAttribute("data-secret"))f=Math.random().toString(36).substr(2,10),d.src+="#?secret="+f,d.setAttribute("data-secret",f);if(g||h)a=d.cloneNode(!0),a.removeAttribute("security"),d.parentNode.replaceChild(a,d)}}}var d=!1,e=!1;if(b.querySelector)if(a.addEventListener)d=!0;if(a.wp=a.wp||{},!a.wp.receiveEmbedMessage)if(a.wp.receiveEmbedMessage=function(c){var d=c.data;if(d.secret||d.message||d.value)if(!/[^a-zA-Z0-9]/.test(d.secret)){var e,f,g,h,i,j=b.querySelectorAll('iframe[data-secret="'+d.secret+'"]'),k=b.querySelectorAll('blockquote[data-secret="'+d.secret+'"]');for(e=0;e<k.length;e++)k[e].style.display="none";for(e=0;e1e3)g=1e3;else if(~~g<!]]> Join Xbox Academy at the Flagship Microsoft Store to design and create your first video game Microsoft Store is excited to announce Xbox Academy is back – this time class is in session at the New York and Sydney flagship stores! Xbox Academy is a series of [ more… ]

ES Modules in Node Today!

2017-08-11 KENNETH 0

ES Modules in Node Today! Editor’s Note: Today’s post is a guest post from John-David Dalton, a Program Manager on the Microsoft Edge team and creator of the popular Lodash JavaScript library, sharing the news of a new community project to bring ECMAScript modules to Node. I’m excited to announce the release of @std/esm (standard/esm), an opt-in, spec-compliant, ECMAScript (ES) module loader that enables a smooth transition between Node and ES module formats with near built-in performance! This fast, small, zero dependency package is all you need to enable ES modules in Node 4+ today! @std/esm used in the Node REPL A tale of two module formats With ESM landing in browsers, attention is turning to Node’s future ESM support. Unlike browsers, which have an out-of-band parse goal signal and no prior module format, support for ESM in Node is a bit more…prickly. Node’s legacy module [ more… ]