There have been couple of security updates to WordPress recently and here comes an another one….
WordPress 2.8.4: Security Release
Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.
We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress.
This release also fixed the theme issue which I had with my admin interface. Entire wp-admin section used to display in white color and I was also unable to use the options ajax based option menus etc.
Thanks for the update guys!
A brilliant software engineer, Founder of LxLabs.com, creator of HyperVM – optimized virtualization technology which runs on both Xen and OpenVZ, “Host In a Box” solution LxAdmin/Kloxo for Web hosting companies, server owners, resellers – K.T Ligesh(32) commited suicide last night (8th June,2009) at his residence located in H.S.R Layout, Bangalore.
Yesterday night I was discussing with few of my colleagues about the recent vulnerability report logged on the net and the fixes released to patch it. Sadly I get to read this news in papers on returning home. His innovative products have made a very good name in industry in a very short span of time. A very hardworking talent, free and open source enthusiast and a guitarist. He always thrived provide a best and an optimized web hosting tool to hosting industry. Its a great loss to all of us.
I recall interacting with this genius engineer prior to his product launch and commenting on few initial glitches that I had noticed here at Instacarma. He has been such a great help during our further interactions on LxLabs forum etc. Instacarma family offers its deep condolences to his family and friends.
He puts a question mark in-front of us and LxAdmin’s future is unknown. There are more questions to be answered while his soul rests in peace.
News Source: TOI
Image Source: Kannada Prabha
HyperVM/Kloxo users are here by alerted to patch their installations by running the update script by LxLabs team.
Multiple security vulnerabilities were discovered in hyperVM and Lxadmin/Kloxo. It is recommended that you update your hyperVM/Kloxo systems to the latest version, as soon as possible.
Details of the vulnerabilities will be posted in the coming days in our forum.
On hyperVM or Kloxo master, Run:
Firefox released an update to stable version ie. 3.09 with lots of security and stability fixes.
Firefox 3.0.9 fixes several issues found in Firefox 3.0.8:
- Fixed several security issues.
- Fixed several stability issues.
- Many users experienced an issue where a corrupt local database caused Firefox to “lose” its stored cookies. (bug 470578)
- Fixed an issue where, starting with Firefox 3.0.7, inline image attachments on popular webmail services (like AOL and AIM) would not display. (bug 482659)
- Large forms would sometimes take a long time to submit. (bug 426991)
- In certain cases, new windows would not have proper focus. (bug 446568)
- See the Firefox 3.0.8 release notes for changes in previous releases.
See the complete list of bugs fixed.
Read the release notes here.
There are no new feature added into Firefox 3.09. If you really want to try new features, install Firefox 3.5 beta4.
Scott Radvan, Content Author, Red Hat APAC sent an email updating Fedora Linux fans about the availability of very-nearly-finished Security Guide. It has its focus on Fedora and it will be available in the upcoming Fedora 11 release.
He also invites reviews/comments on the work available here.