Anouncements

Recent security issues in CMS

  • Drupal (version <8.3.4 και <7.56)

latest CMS releases

  • Version 8.3.4 and 7.56 of Drupal in June 2017
  • Version 4.8 of Wordpress in June 2017
  • Version 3.7.2 of Joomla! in May 2017

The following critical security issues have occured for Wordpress CMS for which is essential to update to the latest version 4.7.2 and Joomla CMS that you should update to version 3.6.5.

Recent CMS Security Issues

A vulnerability found on the Linux Kernel that permits local unprivileged users to run arbitrary code with administrative privileges. Latest security upgrades should be applied in order to secure systems against possibly attacks.

More information on the following links.

Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability—referred to as DROWN in public reporting—may allow a remote attacker to obtain the private key of a server supporting SSLv2.

Core - Session Hardening

Description

 

You can read an interesting article about ransomware on the following link

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:

No other fixes are included.

A Joomla 3.4.5 release containing a security fix will be published on Thursday 22nd October at approximately 14:00 UTC

The Joomla Security Strike Team (JSST) has been informed of a critical security issue in the Joomla core.

Since this is a very important security fix, please be prepared to update your Joomla installations next Thursday.

Until the release is out, please understand that we cannot provide any further information.

 

October 2015 NTP Security Vulnerability Announcement (Medium)


NTF's NTP Project has been notified of 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015

For more information please visit http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Pages