Category Archives: Security Update

Keep Your Website Secure
Find out the important measures, including keeping software updated, that will keep your website secure here.

MediaWiki 1.23.15, 1.26.4, and 1.27.1 Released

MediaWiki 1.23.15, 1.26.4, and 1.27.1 were released today. The new versions fix a number of security issues.

More information is available in the release announcement.

Posted in MediaWiki, Security Update | Leave a comment

Joomla 3.6.1 Released

Joomla 3.6.1 was released today. The new version includes bug fixes and fixes several “low level security issues”, including a cross-site scripting (XSS) vulnerability.

More information is available in the release announcement.

Posted in Joomla, Security Update | Leave a comment

Piwik 2.16.2 Released

Piwik 2.16.2 was released today. The new version includes some small new features, bug fixes, and fixes for several cross-site scripting (XSS) security issues.

More information is available in the changelog.

Posted in Piwik, Security Update | Leave a comment

concrete5 5.7.5.9 Released

concrete5 5.7.5.9 was released yesterday. The new version includes small feature improvements and bug fixes. The new version also “fixes minor security vulnerability with pagination parameters”.

More information is available in the release notes.

Posted in concrete5, Security Update | Leave a comment

TYPO3 6.2.26, 7.6.10 and 8.2.1 Released

TYPO3 6.2.26, 7.6.10, and 8.2.1 were released today. The new versions contain bug fixes and “critical security fixes”, including fixes for cross-site scripting (XSS), SQL injection, and unsafe unserialize vulnerabilities.

More information is available in the release notes for 6.2.267.6.10, and 8.2.1.

Posted in Security Update, TYPO3 | Leave a comment

Drupal 8.1.7 Released

Drupal 8.1.7 was released today. The new version includes a fix for a vulnerability in the third-party library Guzzle included and used in Drupal 8.

More information is available in the release notes.

Posted in Drupal, Security Update | Leave a comment

Moodle 2.7.15, 2.9.7, 3.0.5, and 3.1.1 Released

Moodle 2.7.15, 2.9.7, 3.0.5, and 3.1.1 were released today. All of the new versions include security fixes. Details of the security vulnerabilities fixed will be released in a week. Versions 3.0.5 and 3.1.1 also include “small improvements” and bug fixes.

Update (July 19, 2016): Moodle has now released information on the security issue fixed in the releases. The vulnerabilities fixed include a vulnerability that allowed users to send emails to arbitrary email addresses through Moodle.

More information is available in the release notes for 2.7.152.9.73.0.5, and 3.1.1.

Posted in Moodle, Security Update | Leave a comment

Drupal 7.50 Released

Drupal 7.50 was released today. The leap from 7.44 to 7.50 is due to more significant changes between minor versions than usually occurs. Among the changes is support for full UTF-8 (emojis, Asian symbols, mathematical symbols) when using a MySQL database and improved support for PHP versions, including PHP 7. The new version also fixes numerous bugs. While the new version doesn’t include “security fixes” it does include security improvements, including a new permission for administering fields and clickjacking protection is now on by default.

More information is available in the blog post and release notes for the new version.

Posted in Drupal, Security Update | Leave a comment

Magento 2.1.0 Released

Magento 2.1.0 was released today. The new version includes numerous bug fixes and minor improvements. It also includes security enhancements and fixes vulnerabilities that could potentially “be exploited to access customer information or take over administrator sessions”.

More information is available in the release notes.

Posted in Magento, Security Update | Leave a comment

WordPress 4.5.3 Released

WordPress 4.5.3 was released today. The new version fixes a number of bugs and fixes a number security vulnerabilities, including a couple of cross-site scripting (XSS) vulnerabilities.

More information is available in the release notice and Codex document.

Posted in Security Update, WordPress | Leave a comment