Blogs

Wordpress 2.9.2 security update

http://core.trac.wordpress.org/ticket/11922

Release overview:
http://core.trac.wordpress.org/query?
status=closed&group=resolution&order=priority&milestone=2.9.2&resolution
=fixed

"In add_menu_page(), the callback function gets hooked unconditionally.
$access_level is ignored."

It is recommended to update all versions of Wordpress to the newest
version, 2.9.2. Running version 2.9.1 or earlier should be treated as:

Wordpress 2.9.2 security update

http://core.trac.wordpress.org/ticket/11922

Release overview:
http://core.trac.wordpress.org/query?
status=closed&group=resolution&order=priority&milestone=2.9.2&resolution
=fixed

"In add_menu_page(), the callback function gets hooked unconditionally.
$access_level is ignored."

It is recommended to update all versions of Wordpress to the newest
version, 2.9.2. Running version 2.9.1 or earlier should be treated as:

Wordpress 2.9.2 security update

http://core.trac.wordpress.org/ticket/11922

Release overview:
http://core.trac.wordpress.org/query?
status=closed&group=resolution&order=priority&milestone=2.9.2&resolution
=fixed

"In add_menu_page(), the callback function gets hooked unconditionally.
$access_level is ignored."

It is recommended to update all versions of Wordpress to the newest
version, 2.9.2. Running version 2.9.1 or earlier should be treated as:

Tabnabbing phishing attack

http://searchbliss-webmaster.blogspot.com/2010/05/tabnabbing-new-phishin...

Apparently, when you move to another tab in your web browser, the tab you were originally using can detect that it has lost focus.  A malicious website can take the opportunity to load new content in the tab, change its title and appear to be a different website.

When you return, if you try to login using your credentials, you could be handing them over to a malicious source.

ClamAV 0.94 and older end of life and disabled on 2010-04-15

http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/

ClamAV has released an announcement that versions older than 0.95 will
be disabled after 2010-04-15.

ClamAV would like to release longer malware signatures that aren't
supported by pre-0.95 versions of ClamAV. For this reason, earlier
versions of ClamAV will break when new signatures are released.

Pages