WordPress 4.8.2 is now available

WordPress release version 4.8.25.
This is a “Security and Maintenance Release” which introduces no new features, instead it fixes some security and performance issues of the most used CMS worldwide.
In particular these 9 problems are fixed, in addition to 6 performance fixes:

  • $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability.
  • A cross-site scripting (XSS) vulnerability was discovered in the oEmbed discovery. 
  • A cross-site scripting (XSS) vulnerability was discovered in the visual editor.
  • A path traversal vulnerability was discovered in the file unzipping code.
  • A cross-site scripting (XSS) vulnerability was discovered in the plugin editor. 
    An open redirect was discovered on the user and term edit screens.
  • A path traversal vulnerability was discovered in the customizer.
  • A cross-site scripting (XSS) vulnerability was discovered in template names.
  • A cross-site scripting (XSS) vulnerability was discovered in the link modal. 

The update is available within the dashboard or at this address.
Who wants to preview the upcoming new release, can test WordPress 4.9 beta 3. Obviously it’s only for testing purposes and must not be installed in production environments.

SWFUpload won’t be supported in the version of WordPress

SWFUpload is a JavaScript library that allows to upload files to a website with advanced features, like multiple selection, progress bar and client file size check. Despite being a novelty at its time, development stopped some years ago and several WordPress releases ago, as a consequence the popular CMS won’t support the library in its next release.
Some plugins that still use SWFUpload won’t be supported anymore, unless they switch to another library:

  • MailPoet 2
  • CodeStyling Localization
  • WP All Import
  • Profile Builder
  • Gallery Grand Flagallery

A complete list of themes and plugins that adopt the library is available at this address. If you use one of them, either change it or contact the developers.

Joomla 3.8.1 is now available

Joomla 3.8.1 has been released, and it’s the last release of the 3.8 family. The next versions, 3.9 and 4.0, will be released simultaneously. There are no new features, as this release focuses on performances and security.
Some minor bugs have been fixed, amongst them:

Let’s briefly recap the news of the previous 3.8 version, released at the beginning of september:

  • New Routing System - The new routing system gives users more control over their URL structure, including the often requested ability to remove IDs from URLs
  • Joomla! 4 Compatibility Layer - The development of Joomla! 4 has made some changes in how the core code is structured by migrating classes to use PHP namespaces. Joomla! 3.8 includes a mapping layer to allow developers to use the older class names while being able to take advantage of the new class name structure.
  • Improved Sample Data Installation - It is now possible to install sample data within your site backend after finishing the installation process, allows users to create their own generic data sets or extension developers to provide easy-to-install sample data for their extensions
  • Sodium Encryption Support - PHP 7.2 introduces the new sodium extension for processing encrypted data, through a polyfill of this library Joomla! 3.8 makes this new API available for all of our users even before they upgrade to PHP 7.2

The Joomla 3.8.1 update is available in the management dashboard or at this address.

Joomla World Conference in Rome, 17-19 november

The Joomla World Conference (JWC) is the annual Joomla conference and, arrived at its sixth edition, it will be held in Europe for the first time.
The city chosen for the event is Rome (Sheraton conference centre), from 17 to 19 november 2017.

The events -presentations, keynotes, workshops and sessions- will be held both in English and Italian with simultaneous translations, and they are aimed to an heterogeneous public: from professionals that work with Joomla everyday to those who don’t know the CMS and would like to understand it and improve their knowledge.
During the 3 days of the conference you can also attend the exams and become Joomla certified. Further information at this address.

Java 9 is now available

Oracle, after releasing a beta version for testing purposes, released version 9 of the Java Development Kit (JDK).
The delay of the release was justified by as “additional time required to move through the JCP process.”
So after three years from the release of Java 8, developers will appreciate the new version which fixes some problems and finally introduces modularization, which was left out in the previous version. Modularization makes Java more scalable and enhances the deployment on devices.
Improvements of the new version are about:

  • Modularity
  • Developer Convenience
  • Strings
  • Diagnostics
  • JVM options
  • Logging
  • Javadoc
  • JavaScript/HTTP
  • Native Platform
  • JavaFX
  • Images
  • Unicode

Further information are available at this site, and at this address you can download Java 9.

banner eng

fb icon evo twitter icon evo

Word of the Day

The term Edge Computing refers, when used in the cloud-based infrastructure sphere, the set of devices and technologies that allows...

>

The acronym SoC (System on Chip) describes particular integrated circuit that contain a whole system inside a single physical chip:...

>

The acronym PtP (Point-to-Point) indicates point-to-point radio links realized with wireless technologies. Differently, PtMP links connects a single source to...

>

Hold Down Timer is a technique used by network routers. When a node receives notification that another router is offline...

>

In the field of Information Technology, the term piggybacking refers to situations where an unauthorized third party gains access to...

>
Read also the others...

Download of the Day

Netcat

Netcat is a command line tool that can be used in both Linux and Windows environments, capable of...

>

Fiddler

Fiddler is a proxy server that can run locally to allow application debugging and control of data in...

>

Adapter Watch

Adapter Watch is a tool that shows a complete and detailed report about network cards. Download it here.

>

DNS DataView

DNS DataView is a graphical-interface software to perform DNS lookup queries from your PC using system-defined DNS, or...

>

SolarWinds Traceroute NG

SolarWinds Traceroute NG is a command line tool to perform advanced traceroute in Windows environment, compared to the...

>
All Download...

Issues Archive

  •  GURU advisor: issue 21 - May 2019

    GURU advisor: issue 21 - May 2019

  • GURU advisor: issue 20 - December 2018

    GURU advisor: issue 20 - December 2018

  • GURU advisor: issue 19 - July 2018

    GURU advisor: issue 19 - July 2018

  • GURU advisor: issue 18 - April 2018

    GURU advisor: issue 18 - April 2018

  • GURU advisor: issue 17 - January 2018

    GURU advisor: issue 17 - January 2018

  • GURU advisor: issue 16 - october 2017

    GURU advisor: issue 16 - october 2017

  • GURU advisor: issue 15 - July 2017

    GURU advisor: issue 15 - July 2017

  • GURU advisor: issue 14 - May 2017

    GURU advisor: issue 14 - May 2017

  • 1
  • 2
  • 3
  • BYOD: your devices for your firm

    The quick evolution of informatics and technologies, together with the crisis that mined financial mines, has brought to a tendency inversion: users that prefer to work with their own devices as they’re often more advanced and modern than those the companies would provide. Read More
  • A switch for datacenters: Quanta LB4M

    You don’t always have to invest thousands of euros to build an enterprise-level networking: here’s our test of the Quanta LB4M switch Read More
  • Mobile World Congress in Barcelona

    GURU advisor will be at the Mobile World Congress in Barcelona from February 22nd to 25th 2016!

    MWC is one of the biggest conventions about the worldwide mobile market, we'll be present for the whole event and we'll keep you posted with news and previews from the congress.

    Read More
  • 1