Category Archives: Security Update

Keep Your Website Secure
Find out the important measures, including keeping software updated, that will keep your website secure here.

concrete5 5.7.5.3 Released

concrete5 5.7.5.3 was released last Tuesday. The new version includes small feature improvements and bug fixes. The new version also fixes a possible cross-site request forgery (CSRF) vulnerability.

More information is available in the release notes.

Posted in concrete5, Security Update | Leave a comment

Moodle 2.7.11, 2.8.9, and 2.9.3 Released

Moodle 2.7.11, 2.8.9, and 2.9.3 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released in a week.

Update (November 17, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed are two cross-site scripting vulnerabilities.

More information is available in the release notes for 2.7.112.8.9, and 2.9.3.

Posted in Moodle, Security Update | Leave a comment

Magento 1.9.2.2 Released

Magento 1.9.2.2 was released yesterday. The new version includes the SUPEE-6788 security patch that “provides protection against several types of security-related issues, including remote code execution, information leaks and cross-site scripting”.

More information is available in the release notes.

Posted in Magento, Security Update | Leave a comment

Piwik 2.15.0 Released

Piwik 2.15.0 was released today. The new version includes a new user interface, new tools for power users, and “better overall performance and scalability”. The new version also fixes several security vulnerabilities.

More information is available in the changelog.

Posted in Piwik, Security Update | Leave a comment

Joomla 3.4.5 Released

Joomla 3.4.5 was released today. The new version fixes a high severity SQL injection vulnerability and two medium severity access control vulnerabilities that could lead to “read access to data which should be access restricted”.

More information is available in the release announcement.

Posted in Joomla, Security Update | Leave a comment

Drupal 7.41 Released

Drupal 7.41 was released today. The new version fixes a “Less Critical” open relay vulnerability in the Overlay module.

More information is available in the release notes.

Posted in Drupal, Security Update | Leave a comment

MediaWiki 1.23.11, 1.24.4, and 1.25.3 Released

MediaWiki 1.23.11, 1.24.4, and 1.25.3 were released on Friday. The new versions of 1.24 and 1.25 include bug fixes and all versions include several security fixes, including a fix for a path disclosure vulnerability.

More information is available in the release announcement.

Posted in MediaWiki, Security Update | Leave a comment

Revive Adserver 3.2.2 Released

Revive Adserver 3.2.2 was released yesterday. The new version fixes a number of security issues, the most serious being a local file inclusion (LFI) vulnerability.

More information is available in the release notice.

Posted in Revive Adserver, Security Update | Leave a comment

WordPress 4.3.1 Released

WordPress 4.3.1 was released today. The new version fixes three security issues, “two cross-site scripting vulnerabilities and a potential privilege escalation”. The new version also includes a number of bug fixes.

More information is available in the release notice and Codex document.

Posted in Security Update, WordPress | Leave a comment

Moodle 2.7.10, 2.8.8, and 2.9.2 Released

Moodle 2.7.10, 2.8.8, and 2.9.2 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released in a week.

Update (September 21, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed is a cross-site scripting (XSS) vulnerability and weak password recovery token generation.

More information is available in the release notes for 2.7.102.8.8, and 2.9.2.

Posted in Moodle, Security Update | Leave a comment