#securityupdate


🔒 New Kitten & JSDB Releases

Security fix, JSDB 6.0.1.

This is a critical update.

• JSDB¹ versions 6.0.0 and below suffer from potential data corruption/arbitrary code execution as string keys were not being sanitised in the same way string values were² (so this is relevant to you if you’re storing untrusted data as keys in your data structures in JSDB and/or Kitten databases without carrying out any of your own sanitisation at the application level).

• The latest Kitten release uses JSDB version 6.0.1. Your deployment servers will automatically update in the next few hours. On your development machines, please run `kitten update` in your terminal or use the Update feature in Kitten Settings from your browser.

• If you are using Kitten’s Database App Modules³ feature in your apps, you will have installed JSDB manually and you should update your installation to version 6.0.1.

¹ codeberg.org/small-tech/jsdb/
² codeberg.org/small-tech/jsdb/i
³ kitten.small-web.org/reference

Codeberg.org · jsdb: A zero-dependency, transparent, in-memory, streaming write-on-update JavaScript database for the Small Web that persists to a JavaScript transaction log.
#Kitten #SmallWeb #JSDB

🚨 Attention WordPress Users

WordPress has just released version 6.4.2, packed with critical security patches and enhancements. Updating immediately is key to safeguarding your site against potential vulnerabilities and ensuring a smooth, secure online experience for your visitors. Don't wait—update now and keep your WordPress site fortified! Oh, and don't forget your backups just to be sure!

wordpress.org/news/2023/12/wor

WordPress News · WordPress 6.4.2 Maintenance & Security Release: WordPress 6.4.2 is now available! This minor release features 7 bug fixes in Core. The fixes include a bug fix for an issue causing stylesheet and theme directories to sometimes return incorrect re…

This week’s news about the "Looney Tunes flaw" highlighted a condition which can allow a local user to access root privileges from the command line. Part of the RL Security team's task is to have mitigation strategies ready for such cases - reporting vulnerabilities and suggesting fixes upstream, and also writing our own extra packages.

This week, the Security SIG has published our extra packages and formalized a wiki: rockylinux.org/news/security-s #looneytunables #securityupdate #glibc