Apple has released a security update for OS X 10.6 and OS X 10.5 machines, which addresses a number of security holes for both the client and server versions of these OS X releases. For the client version, the update fixes several problems that could lead to arbitrary code execution.
Articles similar to Apple Releases Security update 2010-005 for OS X 10.5 and 10.6:
WordPress 3.0.4 Security Update
The WordPress dev team has released the WordPress 3.0.4 security update to fix a core security bug in the HTML sanitation library. This particular version or release is classified as “critical” so all self-hosted WordPress users are advised to update/upgrade their WordPress installation ASAP!Here’s an excerpt of the official announcement from the WordPress blog:Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”WordPress 3.1.4 (and 3.2 Release Candidate 3)
WordPress 3.1.4 is available now and is a maintenance and security update for all previous versions.
This release fixes an issue that could allow a malicious Editor-level user to gain further access to the site. Thanks K. Gudinavicius of SEC Consult for bringing this to our attention. Version 3.1.4 also incorporates several other security fixes and hardening measures thanks to the work of WordPress developers Alexander Concha and Jon Cave of our security team. Consult the change log for more details.
Download WordPress 3.1.4 or update immediately from the Dashboard → Updates menu in your site’s admin area.WordPress 3.1.2
WordPress 3.1.2 is now available and is a security release for all previous WordPress versions.
This release addresses a vulnerability that allowed Contributor-level users to improperly publish posts.
The issue was discovered by a member of our security team, WordPress developer Andrew Nacin, with Benjamin Balter.
We suggest you update to 3.1.2 promptly, especially if you allow users to register as contributors or if you have untrusted users. This release also fixes a few bugs that missed the boat for version 3.1.1.
Download 3.1.2 or update automatically from the Dashboard → Updates menu in your site’s admin area.Adobe Releases Tweaked Security Fix For ColdFusion
Although there may have been a little bit of confusion the first time around, a security fix released by Adobe is now completely ready to make ColdFusion users safer. Adobe has resolved one small problem with the fix and all users would do well to apply the update at this point.
A little background information: as explained by a security bulletin, “Important vulnerabilities have been identified in ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX. The vulnerabilities could lead to cross-site scripting and information disclosure.”
It turned out that some sort of naming conflict cropped up when a fix was applied with Cumulative Hot Fix 4 for ColdFusion 8.0.1, though, which was unfortunate.WordPress 3.1.3 (and WordPress 3.2 Beta 2)
WordPress 3.1.3 is available now and is a security update for all previous versions. It contains the following security fixes and enhancements:
Various security hardening by Alexander Concha.
Taxonomy query hardening by John Lamansky.
Prevent sniffing out user names of non-authors by using canonical redirects. Props Verónica Valeros.
Media security fixes by Richard Lundeen of Microsoft, Jesse Ou of Microsoft, and Microsoft Vulnerability Research.
Improves file upload security on hosts with dangerous security settings.
Cleans up old WordPress import files if the import does not finish.
Introduce “clickjacking” protection in modern browsers on admin and login pages.
Consult the change log for more details.Apple Can Fix the iPhone’s PDF Security Exploit (But Hasn’t Yet)
Apple stated today that it has already developed a fix for the iPhone and iPad security exploit that could let hackers do critical damage to your iOS device if you simply open a malicious PDF file. The fix will be implemented in the next software update, but that hasn’t happened yet. CNET quoted an Apple spokesperson saying, “We’re aware of this reported issue, we have already developed a fix and it will be available to customers in an upcoming software update.” No time frame was given for the update, but it’s sure to be soon because the exploit is quite severe.Opera delivers fixes in security, usability
Plugged security holes and stability fixes come to fans of the Opera browser as its Norwegian publisher releases a minor upgrade on Tuesday.
Report
Email this page
Share
