Blogroll Category: Technology

I read blogs, as well as write one. The 'blogroll' on this site reproduces some posts from some of the people I enjoy reading. There are currently 84 posts from the category 'Technology.'

Disclaimer: Reproducing an article here need not necessarily imply agreement or endorsement!

PHP 7.4.0RC6 Released!

PHP - Thu, 14/11/2019 - 19:01
Categories: Technology

Floating Button Menu - Critical - Unsupported - SA-CONTRIB-2019-091

Drupal Contrib Security - Wed, 13/11/2019 - 18:11
Project: Floating Button MenuDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Webform Multiple File Upload - Critical - Unsupported - SA-CONTRIB-2019-090

Drupal Contrib Security - Wed, 13/11/2019 - 18:10
Project: Webform Multiple File UploadDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Commerce Ingenico - Critical - Unsupported - SA-CONTRIB-2019-089

Drupal Contrib Security - Wed, 13/11/2019 - 18:10
Project: Commerce IngenicoDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

SendinBlue - Critical - Unsupported - SA-CONTRIB-2019-088

Drupal Contrib Security - Wed, 13/11/2019 - 18:09
Project: SendinBlueDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Make Meeting Scheduler - Critical - Unsupported - SA-CONTRIB-2019-087

Drupal Contrib Security - Wed, 13/11/2019 - 18:09
Project: Make Meeting SchedulerDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Webform Report - Critical - Unsupported - SA-CONTRIB-2019-086

Drupal Contrib Security - Wed, 13/11/2019 - 18:08
Project: Webform ReportDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Nodequeue - Critical - Unsupported - SA-CONTRIB-2019-085

Drupal Contrib Security - Wed, 13/11/2019 - 18:07
Project: NodequeueDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Taxonomy CSV import/export - Critical - Unsupported - SA-CONTRIB-2019-084

Drupal Contrib Security - Wed, 13/11/2019 - 18:06
Project: Taxonomy CSV import/exportDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Feeds JSONPath Parser - Critical - Unsupported - SA-CONTRIB-2019-083

Drupal Contrib Security - Wed, 13/11/2019 - 18:06
Project: Feeds JSONPath ParserDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Field Slideshow - Critical - Unsupported - SA-CONTRIB-2019-082

Drupal Contrib Security - Wed, 13/11/2019 - 18:05
Project: Field SlideshowDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Bugsnag - Critical - Unsupported - SA-CONTRIB-2019-081

Drupal Contrib Security - Wed, 13/11/2019 - 18:04
Project: BugsnagDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Noggin - Critical - Unsupported - SA-CONTRIB-2019-080

Drupal Contrib Security - Wed, 13/11/2019 - 18:04
Project: NogginDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Bypass Form Validations - Critical - Unsupported - SA-CONTRIB-2019-079

Drupal Contrib Security - Wed, 13/11/2019 - 18:03
Project: Bypass Form ValidationsDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Nexus Theme - Critical - Unsupported - SA-CONTRIB-2019-078

Drupal Contrib Security - Wed, 13/11/2019 - 18:02
Project: Nexus ThemeDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Frequently Asked Questions - Critical - Unsupported - SA-CONTRIB-2019-077

Drupal Contrib Security - Wed, 13/11/2019 - 18:00
Project: Frequently Asked QuestionsDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Administration Views - Critical - Unsupported - SA-CONTRIB-2019-076

Drupal Contrib Security - Wed, 13/11/2019 - 15:10
Project: Administration ViewsDate: 2019-November-13Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

Categories: Technology

Midwest PHP Call For Papers Open

PHP - Wed, 06/11/2019 - 19:47
Categories: Technology

Update on the phishing email attempt to some Postmark customers

Postmark - Wed, 06/11/2019 - 17:41
What happened, and what did we do?

Yesterday (November 5, 2019) two phishing emails were sent to a broad list of email addresses that included both Postmark customers as well as non-customers. The first had the subject line “Your invoice (100421) with Postmark Service is due”. The second, cleverly sent after we put up an in-app notice about the attack, had the subject line “Warning ! email phishing attempt”.

Both of these emails included suspicious links to a mirror site where the attacker could steal usernames and passwords. We became aware of the attempt within minutes, and we immediately took several steps to mitigate it, including disabling logins on our site and working with the phishing site’s hosting company to get the mirror site taken down. We also sent an email to customers to warn them about the attempt.

How did it happen?

The main question we received from customers is, how did the attackers get my email address? We want to be clear that Postmark’s customer data was not compromised. We are still investigating how the attackers collected these email addresses, but at this point, we’re reasonably certain that they used a combination of public email and DNS lookup services to put their list together.

Next steps

This is also a good reminder to everyone to please set up 2-factor authentication for your account. That is the best way to protect yourself from a phishing attempt like this.

If you think you might have been affected by this attempt, or if you have any additional questions on how to protect your account, please get in touch with our support team.

We are meeting as a team over the next day or so to evaluate if there are additional steps we can take to prevent future attempts like this. In the next few weeks our CTO Chris Nagele will also write a more general, detailed post about how the attempt occurred, with additional information on how to mitigate similar attempts for your own apps.

Categories: Technology

Open Social - Critical - Insecure Session Management - SA-CONTRIB-2019-075

Drupal Contrib Security - Wed, 06/11/2019 - 16:10
Project: Open SocialDate: 2019-November-06Security risk: Critical 15∕25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Insecure Session ManagementDescription: 

Open Social is a Drupal distribution for online communities. The included social_magic_login module doesn't sufficiently validate magic login URLs for user accounts that do not have a local password, but login via external systems. The lack of validation makes it possible for an adversary to forge valid login URLs and login to such an account.

This vulnerability is mitigated by the fact the module social_magic_login needs to be enabled.

Solution: 

Install the latest version:

Alternatively, disable the module social_magic_login.

Also see the Open Social project page.

Reported By: 
  • Heine of the Drupal Security Team
Fixed By: Coordinated By: 
  • Heine of the Drupal Security Team
Categories: Technology

Pages

Subscribe to oakleys.org.uk aggregator - Technology
Additional Terms