Category Archives: Security Update

Keep Your Website Secure
Find out the important measures, including keeping software updated, that will keep your website secure here.

Piwik 2.13.0 Released

Piwik 2.13.0 was released today. The new version includes performance improvement, user interface improvements, and bug fixes. The new version also fixes a cross-site scripting (XSS) security vulnerability.

More information is available in the changelog.

 

Posted in Piwik, Security Update | Leave a comment

WordPress 4.2.1 Released

WordPress 4.2.1 was released today. The new version fixes a cross-site scripting security vulnerability that “could enable commenters to compromise a site”.

For those still running WordPress 4.0, and 4.1 new versions, 4.0.4 and 4.1.4 respectively, have been released that contain the same security fixes as 4.2.1.

More information is available in the release notice and Codex document.

 

Posted in Security Update, WordPress | Leave a comment

WordPress 4.1.2 Released

WordPress 4.1.2 was released today. The new version fixes several security vulnerabilities, including one that “a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site”.

For those still running WordPress 3.7, 3.8, 3.9, and 4.0 new versions, 3.7.6, 3.8.6, 3.9.4, and 4.0.2 respectively, have been released that contain the same security fixes as 4.1.2.

More information is available in the release notice and Codex document.

 

Posted in Security Update, WordPress | Leave a comment

Regular Support Ends For TYPO3 4.5

The end of regular support for TYPO3 4.5 has been announced. Version 6.2 is now the only supported long term support (LTS) release.

There is a paid program that provides extended support for 4.5 for another year.

Posted in End of Support, Security Update | Leave a comment

MediaWiki 1.19.24, 1.23.9, and 1.24.2 Released

MediaWiki 1.19.24, 1.23.9, and 1.24.2 were released yesterday. The new versions include fixes for 10 security issues, which include cross-site scripting (XSS) and denial of service (DoS) vulnerabilities. The new versions of 1.23 and 1.24 also include several bug fixes.

More information is available in the release announcement.

 

Posted in MediaWiki, Security Update | Leave a comment

Piwik 2.12.0 Released

Piwik 2.12.0 was released today. The new version includes performance improvements, security improvements, and bug fixes. One of the security improvements is that software updates are now done over a HTTPS connection.

More information is available in the changelog.

 

Posted in Piwik, Security Update | Leave a comment

Drupal 6.35 and 7.35 Released

Drupal 6.35 and 7.35 were release today. The new versions only include security fixes. Both versions include a fix for an access bypass vulnerability and an open redirect vulnerability.

More information is available in the security advisory for the releases.

 

Posted in Drupal, Security Update | Leave a comment

Moodle 2.6.10, 2.7.7, and 2.8.5 Released

Moodle 2.6.10, 2.7.7, and 2.8.5 were released today. The new versions include “small improvements”, bug fixes, and security fixes. Details of the security vulnerabilities fixed will be released later. Moodle 2.6.9, 2.7.6, and 2.8.4 were pulled shortly after release due to a regression introduced in those versions.

Update (March 16, 2015): Moodle has now released information on the security issue fixed in the releases. Among the vulnerabilities fixed is a serious denial of service (DOS) vulnerability and a minor cross-site scripting (XSS) vulnerability.

More information is available in the release notes for 2.6.10, 2.7.7, and 2.8.5.

 

Posted in Moodle, Security Update | Leave a comment

Joomla 3.4 Released, Support Ends For Joomla 3.3

Joomla 3.4 was released yesterday. The new version includes a number of improvements including improved front end module editing. The new version improves security with “Google reCaptcha” and “by implementing UploadShield code which can detect most malicious uploads by examining their filenames and file content”

With the release of Joomla 3.4, support has ended for Joomla 3.3 has ended.

More information is available in the release announcement.

 

Posted in End of Support, Joomla, Security Update | Leave a comment

PrestaShop 1.6.0.12 Released

PrestaShop 1.6.0.12 was released today. The new version includes numerous bug fixes, including for a security bug that could allow html code to be saved in places it set to not be allowed.

More information is available in the changelog.

 

Posted in PrestaShop, Security Update | Leave a comment