WordPress 3.3.1 is now available. This maintenance release fixes 15 issues with WordPress 3.3, as well as a fix for a cross-site scripting vulnerability that affected version 3.3. Thanks to Joshua H., Hoang T., Stefan Zimmerman, Chris K., and the Go Daddy security team for responsibly disclosing the bug to our security team.
Download 3.3.1 or visit Dashboard → Updates in your site admin.
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/. (CVSS:1.2) (Last Update:2012-01-31)
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index. (CVSS:5.0) (Last Update:2012-11-06)
XTMv Line of Virtualized Firewalls Now Shipping to Beta Customers
Latest Analyst Market Data Shows WatchGuard as the #1 Multifunction Security Appliance Vendor for 15 Consecutive Quarters; Leads with 18.8 Percent Market Share
WatchGuard XTM OS Certified for Unified Threat Management (UTM) Appliances and Next-Generation Firewalls
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. (CVSS:5.0) (Last Update:2012-06-08)
WatchGuard XTM 2050 Designed Specifically for Large Corporate Customers, Campuses and Managed Security Service Providers; Includes Advanced Networking, Management and Reporting Features
WatchGuard XTM 330 Provides Next-Generation Security for Small Businesses
