PrestaShop 1.7.3 is now available

PrestaShop announces the new 1.7.3 version, which includes improvements and new features.
Among the new features introduced we find:

  • PrestaTrust, a function which authenticates the code of the modules with PrestaTrust support and records the license information in the block-chain.
  • Right-to-left support: support for right-to-left languages (RTL) is added, such as Arabic, Hebrew, and Persian.
    A new set of demo products
  • UI kit for modules, core and back-end, with support for Bootstrap 4 jQuery 3.
  • Symfony: three new pages have been migrated to the popular PHP framework
  • Other features and improvements, such as setting delivery times, sending alerts when a product reaches low availability in stock, bulk actions in the stock, added localization in Icelandic and installation wizard in Japanese.

PrestaShop 1.7.3 is available at this address.

 Joomla 3.8.6 is now available

Joomla 3.8.6 is now available; this is a security release that doesn’t introduce any new feature, rather it fixes security issues and improves performances.
In particular, this release fixes an SQL Injection (SQLi) vulnerability.
Other improvements are about session management, performance of the com_content category view with filter by tags, reCAPTCHA V1 dismissal, and PHP 7.2 compatibility fixes.

The full release note document is available here.

WordPress 4.9.5 is now available

WordPress 4.9.5 is now available. This is a security release that doesn’t introduce any new feature, rather it fixes security issues. Improvements of this release include fixes to three different security problems: localhost is not treat as same host by default, safe redirects are used when redirecting the login page if SSL is forced and the version string is correctly escaped for use in generator tags.
There are 25 additional improvements, including:

  • The previous styles on caption shortcodes have been restored.
  • Cropping on touch screen devices is now supported.
  • A variety of strings such as error messages have been updated for better clarity.
  • The position of an attachment placeholder during uploads has been fixed.
  • Custom nonce functionality in the REST API JavaScript client has been made consistent throughout the code base.
  • Improved compatibility with PHP 7.2.

Moreover, a roadmap has been proposed to check the compliance to the upcoming GDPR.

Drupal fixes Dupalgeddon2

Drupal published patches that fix the issues due to Drupalgeddon2, the vulnerability that allowed hackers to gain full control of vulnerable sites.

Vulnerability CVE-2018-7600 is contained in the API that manage database queries and allows SQL injection attacks, thus allowing an hacked to send crafted requests that result in privilege escalation and PHP code execution. The vulnerability can be exploited by anonymous users by visiting a specific URL.
Drupal suggests to update as soon as possible.

The original Drupalgeddon happened in 2014 and left many sites vulnerable.

New versions of Magento are available

Magento has released new versions of Magento (Commerce and Open Source) 2.2.3, 2.1.12, 2.0.18 and SUPEE-10570 for Magento 1.x.

Patches include 50 security updates that solve, among others, CSRF, data leak and RCE vulnerabilities . Magento 2.2.3 introduces a more granular management of permissions for cache management tasks.

The updates are available for download and installation via My Account (Commerce version) or via the open source download page (Open Source version). Further information can be found at the following addresses:

Release notes for Magento Open Source versions are available at the following addresses:

Release notes for Magento Commerce versions are available at the following addresses:

.

banner eng

fb icon evo twitter icon evo

Word of the Day

In the field of Information Technology, the term piggybacking refers to situations where an unauthorized third party gains access to...

>

The acronym GDPR indicates the new General Data Protection Regulation, which will come into force on 25 May 2018. This...

>

The acronym DPO (Data Protection Officer) indicates the person or persons who, within the company context, are responsible for the...

>

InfiniBand is an input / output architecture for the transmission of data between high performance systems composed of CPUs, processors...

>

A Zero Day Exploit describes a situation in which specific and unknown vulnerabilities are disclosed to the public simultaneously with...

>
Read also the others...

Download of the Day

Netcat

Netcat is a command line tool that can be used in both Linux and Windows environments, capable of...

>

Fiddler

Fiddler is a proxy server that can run locally to allow application debugging and control of data in...

>

Adapter Watch

Adapter Watch is a tool that shows a complete and detailed report about network cards. Download it here.

>

DNS DataView

DNS DataView is a graphical-interface software to perform DNS lookup queries from your PC using system-defined DNS, or...

>

SolarWinds Traceroute NG

SolarWinds Traceroute NG is a command line tool to perform advanced traceroute in Windows environment, compared to the...

>
All Download...

Issues Archive

  • GURU advisor: issue 18 - April 2018

    GURU advisor: issue 18 - April 2018

  • GURU advisor: issue 17 - January 2018

    GURU advisor: issue 17 - January 2018

  • GURU advisor: issue 16 - october 2017

    GURU advisor: issue 16 - october 2017

  • GURU advisor: issue 15 - July 2017

    GURU advisor: issue 15 - July 2017

  • GURU advisor: issue 14 - May 2017

    GURU advisor: issue 14 - May 2017

  • GURU advisor: issue 13 - March 2017

    GURU advisor: issue 13 - March 2017

  • GURU advisor: issue 12 -  January 2017

    GURU advisor: issue 12 - January 2017

  • GURU advisor: issue 11 -  October 2016

    GURU advisor: issue 11 - October 2016

  • 1
  • 2
  • 3
  • BYOD: your devices for your firm

    The quick evolution of informatics and technologies, together with the crisis that mined financial mines, has brought to a tendency inversion: users that prefer to work with their own devices as they’re often more advanced and modern than those the companies would provide. Read More
  • A switch for datacenters: Quanta LB4M

    You don’t always have to invest thousands of euros to build an enterprise-level networking: here’s our test of the Quanta LB4M switch Read More
  • Mobile World Congress in Barcelona

    GURU advisor will be at the Mobile World Congress in Barcelona from February 22nd to 25th 2016!

    MWC is one of the biggest conventions about the worldwide mobile market, we'll be present for the whole event and we'll keep you posted with news and previews from the congress.

    Read More
  • 1