Page 28 of 28 FirstFirst ... 182425262728
Results 271 to 279 of 279

Thread: Alerts

  1. #271
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation WordPress 4.7.4 released

    FYI...

    WordPress 4.7.4 released
    - https://wordpress.org/news/
    April 20, 2017 - "After almost sixty million downloads of WordPress 4.7, we are pleased to announce the immediate availability of WordPress 4.7.4, a maintenance release. This release contains 47 maintenance fixes and enhancements, chief among them an incompatibility between the upcoming Chrome version and the visual editor, inconsistencies in media handling, and further improvements to the REST API. For a full list of changes, consult the release notes* and the list of changes**. Download WordPress 4.7.4 or visit 'Dashboard → Updates' and simply click 'Update Now'. Sites that support automatic background updates are already beginning to update to WordPress 4.7.4..."

    Release notes
    * https://codex.wordpress.org/Version_4.7.4

    ** https://core.trac.wordpress.org/log/...stop_rev=40224

    Download
    - https://wordpress.org/download/
    ___

    > https://wordpress.org/news/2017/05/w...-on-hackerone/
    May 15, 2017 - "... WordPress is now officially on HackerOne*... HackerOne is a platform for security researchers to securely and responsibly report vulnerabilities to our team. It provides tools that improve the quality and consistency of communication with reporters, and will reduce the time spent on responding to commonly reported issues. This frees our team to spend more time working on improving the security of WordPress..."
    * https://hackerone.com/wordpress

    Last edited by AplusWebMaster; 2017-05-15 at 20:26.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #272
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation Thunderbird 52.1.0 released

    FYI...

    Thunderbird 52.1.0 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    April 30, 2017

    Fixed:
    Background images not working and other issues related to embedded images when composing email
    Google Oauth setup can sometimes not progress to the next step

    Complete list of changes in this release
    - https://bugzilla.mozilla.org/buglist...ormat=advanced
    19 bugs found.

    Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/en-US/thunderbird/all/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #273
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation Apple updates - 2017.05.15

    FYI...

    > https://support.apple.com/en-us/HT201222

    iOS 10.3.2 released
    - https://support.apple.com/en-us/HT207798
    May 15, 2017 - "Available for: iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation..."
    - http://www.securitytracker.com/id/1038485
    CVE Reference: CVE-2017-2498, CVE-2017-6982, CVE-2017-6989
    May 15 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 10.3.2 ...
    Impact: An application can cause denial of service conditions on the target system.
    An application can obtain elevated privileges on the target system.
    A user can bypass certificate validation on the target system.
    Solution: The vendor has issued a fix (10.3.2)...
    ___

    Safari 10.1.1
    - https://support.apple.com/en-us/HT207804
    May 15, 2017 - "Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.5..."
    - http://www.securitytracker.com/id/1038487
    CVE Reference: CVE-2017-2495, CVE-2017-2496, CVE-2017-2499, CVE-2017-2500, CVE-2017-2504, CVE-2017-2505, CVE-2017-2506, CVE-2017-2508, CVE-2017-2510, CVE-2017-2511, CVE-2017-2514, CVE-2017-2515, CVE-2017-2521, CVE-2017-2525, CVE-2017-2526, CVE-2017-2528, CVE-2017-2530, CVE-2017-2531, CVE-2017-2536, CVE-2017-2538, CVE-2017-2539, CVE-2017-2544, CVE-2017-2547, CVE-2017-2549, CVE-2017-6980, CVE-2017-6984
    May 16 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 10.1.1 ...
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    A remote user can cause denial of service conditions.
    A local user can bypass code signing policy on the target system.
    A remote user can spoof a URL.
    A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
    Solution: The vendor has issued a fix (10.1.1)...
    ___

    macOS Sierra 10.12.5, Security Update 2017-002 El Capitan, and Security Update 2017-002 Yosemite
    - https://support.apple.com/en-us/HT207797
    May 15, 2017
    - http://www.securitytracker.com/id/1038484
    CVE Reference: CVE-2017-2494, CVE-2017-2497, CVE-2017-2501, CVE-2017-2502, CVE-2017-2503, CVE-2017-2507, CVE-2017-2509, CVE-2017-2512, CVE-2017-2513, CVE-2017-2516, CVE-2017-2518, CVE-2017-2519, CVE-2017-2520, CVE-2017-2524, CVE-2017-2527, CVE-2017-2533, CVE-2017-2534, CVE-2017-2535, CVE-2017-2537, CVE-2017-2540, CVE-2017-2541, CVE-2017-2542, CVE-2017-2543, CVE-2017-2545, CVE-2017-2546, CVE-2017-2548, CVE-2017-6977, CVE-2017-6978, CVE-2017-6979, CVE-2017-6981, CVE-2017-6983, CVE-2017-6985, CVE-2017-6986, CVE-2017-6987, CVE-2017-6988, CVE-2017-6990, CVE-2017-6991
    May 15 2017
    Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Root access via local system, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 10.12.5...
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    An application can obtain potentially sensitive information from system memory on the target system.
    An application can obtain elevated privileges on the target system.
    A remote user on a local network can obtain 802.1X authentication credentials.
    Solution: The vendor has issued a fix (10.12.5)...
    ___

    iCloud for Windows 6.2.1
    - https://support.apple.com/en-us/HT207803
    May 15, 2017
    ___

    iTunes 12.6.1 for Windows
    - https://support.apple.com/en-us/HT207805
    May 15, 2017
    ___

    tvOS 10.2.1
    - https://support.apple.com/en-us/HT207801
    May 15, 2017
    ___

    watchOS 3.2.2
    - https://support.apple.com/en-us/HT207800
    May 15, 2017
    ___

    - https://www.us-cert.gov/ncas/current...curity-Updates
    May 15, 2017

    Last edited by AplusWebMaster; 2017-05-16 at 12:21.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #274
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation Thunderbird 52.1.1 released

    FYI...

    Thunderbird 52.1.1 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    May 15, 2017

    Fixed:
    - Large attachments may not be shown or saved correctly if the message is stored in an IMAP folder which is not synchronized for offline use
    - Unable to load full message via POP if message was downloaded partially (or only headers) before
    - Some attachments can't be opened or saved if the message body is empty
    - Crash when compacting IMAP folder

    Known Issues:
    unresolved:
    - Large number of blank pages being printed under certain circumstances
    - Crash due to incompatibility with McAfee Anti-SPAM add-on. Workaround: Start in safe mode and -disable- McAfee Anti-Spam Extension

    Complete list of changes in this release:
    - https://bugzilla.mozilla.org/buglist...ormat=advanced
    19 bugs found.

    Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/en-US/thunderbird/all/

    Last edited by AplusWebMaster; 2017-05-17 at 15:26.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #275
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation WordPress 4.7.5 released

    FYI...

    WordPress 4.7.5 released
    - https://wordpress.org/news/2017/05/wordpress-4-7-5/
    May 16, 2017 - "WordPress 4.7.5 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
    WordPress versions 4.7.4 and earlier are affected by six security issues:
    - Insufficient redirect validation in the HTTP class...
    - Improper handling of post meta data values in the XML-RPC API...
    - Lack of capability checks for post meta data in the XML-RPC API...
    - A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog...
    - A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files...
    - A cross-site scripting (XSS) vulnerability was discovered related to the Customizer...
    In addition to the security issues above, WordPress 4.7.5 contains 3 maintenance fixes to the 4.7 release series. For more information, see the release notes* or consult the list of changes**..."
    * https://codex.wordpress.org/Version_4.7.5

    ** https://core.trac.wordpress.org/quer...order=priority
    ___

    - http://www.securitytracker.com/id/1038520
    May 18 2017
    Impact: A remote user can take actions on the target system acting as the target authenticated user.
    A remote user can cause the target user's browser to be -redirected- to an arbitrary web site.
    A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the WordPress software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
    The impact was -not- specified for two vulnerabilities.
    Solution: The vendor has issued a fix (4.7.5)...
    ___

    - https://www.us-cert.gov/ncas/current...ecurity-Update
    May 17, 2017

    Last edited by AplusWebMaster; 2017-05-18 at 19:38.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #276
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation Adblock Plus 2.9 for Firefox

    FYI...

    Adblock Plus 2.9 for Firefox released
    - https://adblockplus.org/releases/adb...refox-released
    2017-05-25

    Install Adblock Plus 2.9 for Firefox

    "This release lays important groundwork for the Web Extensions migration. The way Adblock Plus stores its data has changed drastically, though for users everything should stay exactly the same (issue 5048). The new location of your filters and subscriptions is the browser-extension-data/{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}/storage.js file in your Firefox profile, the same data will be used by the Adblock Plus build based on the Web Extensions platform once it is ready.
    Additional changes:
    - The hidden data_directory and please_kill_startup_performance preferences have been removed.
    - It is now possible to use { and } in CSS property filters (issue 4684)."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #277
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation WordPress 4.8 released

    FYI...

    WordPress 4.8 released
    - https://wordpress.org/download/
    Jun 8, 2017 - "The latest stable release of WordPress (Version 4.8) is available..."

    Changelog
    > https://codex.wordpress.org/Changelog/4.8

    > https://codex.wordpress.org/Version_4.8

    > https://wordpress.org/download/release-archive/

    Updating WordPress
    > https://codex.wordpress.org/Upgrading_WordPress

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #278
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation Adblock Plus 2.9.1 for Firefox

    FYI...

    Adblock Plus 2.9.1 for Firefox released
    - https://adblockplus.org/releases/adb...refox-released
    2017-06-07

    Install Adblock Plus 2.9.1 for Firefox

    "Unfortunately, the Adblock Plus 2.9 release didn’t go as smoothly as we hoped for. Most importantly, the performance degradation caused by the new data storage turned out more severe than we expected, some users were experiencing regular noticeable browser hangs. While the performance of reading and saving Adblock Plus filters hasn’t improved yet, we turned off filter hit counts by default in Adblock Plus 2.9.1 as a first consequence to make sure the data no longer needs to be saved that often (issue 5298). Users who need this functionality can turn it back on by clicking the ABP icon, going into “Options” and checking “Count filter hits.”
    We will be looking into other ways to improve this, even though the main issue can only be resolved by the Firefox developers. It also wasn’t noticed before release that the new data storage doesn’t work in Thunderbird and SeaMonkey, so these users ended up with filters being reset on each restart. This has also been resolved in Adblock Plus 2.9.1 (issue 5279, issue 5285), the original data should show up again now..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #279
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,632

    Exclamation Thunderbird 52.2.0 released

    FYI...

    Thunderbird 52.2.0 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    June 14, 2017
    What’s New:
    Fixed:
    - Embedded images not shown in email received from Hotmail/Outlook webmailer
    - Detection of non-ASCII font names in font selector
    - Attachment not forwarded correctly under certain circumstances
    - Multiple requests for master password when GMail OAuth2 is enabled
    - Large number of blank pages being printed under certain circumstances when invalid preferences were present
    - Messages sent via the Simple MAPI interface are forced to HTML
    - Calendar: Invitations can't be printed
    - Mailing list (group) not accessible from macOS or Outlook address book
    - Clicking on links with references/anchors where target doesn't exist in the message not opening in external browser

    Various security fixes:
    - https://www.mozilla.org/en-US/securi...hunderbird52.2

    - https://www.mozilla.org/en-US/securi...s/mfsa2017-17/
    Critical:
    CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
    CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2, and Thunderbird 52.2

    Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/en-US/thunderbird/all/
    ___

    - https://www.us-cert.gov/ncas/current...ecurity-Update
    June 15, 2017

    Last edited by AplusWebMaster; 2017-06-16 at 13:07.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •