Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin <= 4.4.8 at WordPress allows an attacker to update the social settings.

CVE-2022-30337: WP Meta SEO

Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in AMP for WP – Accelerated Mobile Pages WordPress plugin (versions <= 1.0.77.31).

*   Details
*   Reviews
*   Installation
*   Support
*   Development

AMP for WP automatically adds Accelerated Mobile Pages (Google AMP Project) functionality to your WordPress site. AMP makes your website faster for Mobile visitors.

What’s New in this Version? | Priority Support | View Demo | Screenshots | Community

**Extensions**  
Some useful extensions to extend AMP features, check AMP Adsense Support, Contact Form 7 Support, Email Opt-in Support and Call To Action Support. To view more, go to our Extensions page.

**Support**  
We try our best to provide support on WordPress.org forums. However, We have a special community support where you can ask us questions and get help about your AMP related questions. Delivering a good user experience means a lot to us and so we try our best to reply each and every question that gets asked.

**Bug Reports**  
Bug reports for AMP for WP are welcomed on GitHub. Please note GitHub is _not_ a support forum, and issues that aren’t properly qualified as bugs will be closed.

**Features:**

*   NEW – Gutenberg Support
*   NEW – Divi and Elementor Support More Info
*   NEW – GDPR Compliance
*   NEW – Google PageSpeed Optimization with SSR (Server Side Rendering)
*   NEW – CSS Optimization (Tree Shaking) – This will automatically remove all the unused CSS from your AMP pages
*   NEW – Google Font API and Local Fonts Support For All Designs
*   Out of the box compatibility for Yoast SEO, All in One Seo, Rank Math, Genesis, SEOPress, Bridge Qode SEO, The SEO Framework, SmartCrawl and Squrilly SEO Plugin.
*   Introducing Page Builder 3.0 for AMP! Learn More & Video
*   New Default Theme for AMP called Swift
*   3 Pre-built AMP Layouts for Business websites and landing pages
*   OneSignal and TruePush Push Notifications integration
*   Advanced WooCommerce Support More Info
*   AMP Plugins Manager – Which allows you to disable a specific plugin functionality only in the AMP version
*   Structured Data Options
*   Page Break / NextPage (Pagination) Support
*   Contact Form 7 Support More Info
*   Graviry Form Support More Info
*   Caldera Form Support More Info
*   Ninja Form Support More Info
*   Facebook Comments Support
*   Github Gist Support
*   Email Opt-in Subscription form support in AMP added
*   Call to Action boxes and notification bars
*   9 Advertisement sizes – 2 More AD slots added recently
*   Comments Forms in AMP.
*   Native AMP Search functionality.
*   Design 3 Watch the Video Overview
*   Disqus Comments Support
*   Vuukle Comments Support
*   Spot.IM Comments Support
*   Google Tag Manager Support
*   Page, Category & Tags Support Added
*   Custom AMP Editor – Which allows you to override your Content that you had written in Post or page, so you can add the different content just for AMP.
*   Mobile Redirection – More than 50% of your traffic is from mobile and you aren’t doing anything to improve their user experience, which means you are falling behind on SEO and it can result in lower SERPS. Lightning fast mobile version means faster User experience means more engagement which directly results in the lower bounce rate.
*   Custom Post Type Support
*   Custom Taxonomies Support
*   Star Ratings
*   Drag & Drop Page builder Added
*   4 Designs for AMP
*   AMP WooCommerce Support
*   Switch on/off Support for Pages & Posts on AMP
*   Translation Panel & RTL
*   Internal AMP linking – You can browse AMP pages internally
*   Related posts below the post
*   Recent Comments list
*   Automatically integrate AMP to your website.
*   Google Adsense (AMP-AD) Support with 6 different Ad slots across the layout! The First Plugin to have this capability.
*   Built in MGID Ads Support with 6 different ad slots.
*   Google Analytics Support.
*   User Friendly Theme Options Panel.
*   Unlimited Color Scheme.
*   Image Logo Upload.
*   Supports Posts and Pages and other custom post types.
*   Proper rel canonical tags which means that Google know the original page.
*   Overlay Navigation Menu bar.
*   Social Sharing in the Single.
*   Sexy Design.
*   Separate WordPress Menu for AMP version.
*   Page builder & Shortcodes Compatibility.
*   Carousel support for Gallery.
*   Better Image stretching and resizing.
*   Youtube Video Embed Support.
*   Vine Embed Support.
*   Twitter oembed Support.
*   Instagram Embed Support.
*   Facebook Video Embed Support.
*   RTL Support
*   Custom AMP FrontPage
*   Notifications
*   Alexa Metrics, Chartbeat, Hi-stats, Yandex Metrika, Piwik, Segment.com, StatCounter, Effective Measure and comScore Builtin Support
*   Incontent & DoubleClick Support
*   Great Support & Active Development.
*   Widgets & WooCommerce
*   Breadcrumb Support added
*   Facebook Instant Articles Support Added
*   AMP Installation Wizard that makes it easy to setup for new users.
*   Category base remover support
*   Tag base remover support
*   Addthis Sharing Support
*   Infinite Scroll Support
*   Photo Gallery by 10Web Support
*   12 New Social Media Integrations added (Reddit, Tumblr, Telegram, Digg, StumbleUpon, Wechat, Viber, Hatena Bookmarks, Pocket, Yummly, MeWe, Flipboard)
*   AMP Theme Framework Core Support Added. You can now create AMP templates of your own in just minutes. **More**
*   NEW – Make AMP & Non-AMP Same with just one click!
*   NEW – Allows you to use AMP as primary website!

**JOIN CHAT GROUP COMMUNITY**: Purpose of this group is to get proper suggestions and feedback from plugin users and the community so that we can make the plugin even better.

**Getting Started:**

**1\. User Documentation:** The AMP for WordPress plugin is easy to setup but we have some tutorials and guides prepared for you which will help you dive deep with the plugin.

**2\. Developer Docs:** We have created special documentations for developers and semi technical users who are willing to modify the plugin according to their own needs.

**3\. Support:** We try our best to provide support on WordPress.org forums. However, We have a special community support where you can ask us questions and get help about your AMP related questions. Delivering a good user experience means a lot to us and so we try our best to reply each and every question that gets asked.

**4\. Premium Support:** We will personally take care that your website’s AMP version is perfectly validated. We will make sure that your AMP version gets approved and indexed by Google Webmaster Tools properly and we will even keep an eye on AMP updates from Google and implement them into your website.

**Credits**

Some code used in this plugin was forked from ‘AMP for WordPress’ plugin https://wordpress.org/plugins/amp/ – License URI: http://www.gnu.org/licenses/gpl-2.0.html.  
Mobile & Tablet detection library used https://github.com/serbanghita/Mobile-Detect – License URI: https://github.com/serbanghita/Mobile-Detect/blob/master/LICENSE.txt  
PHP CSS Parser library used https://github.com/sabberworm/PHP-CSS-Parser – License URI: https://github.com/sabberworm/PHP-CSS-Parser#license (PHP-CSS-Parser is freely distributable under the terms of an MIT-style license.)  
AMP Optimizer library used https://github.com/ampproject/amp-toolbox/tree/main/packages/optimizer – License URI: https://github.com/ampproject/amp-toolbox#license (AMP Toolbox is made by the AMP Project, and is licensed under the Apache License, Version 2.0.)

**Visit Help area for the Documentation:**

**Visit Help area for the Documentation:**

**Can I add analytics?**

Yes, you easily can. In fact, we have support for 12 Analytics companies. Including Google Analytics, Facebook Pixel, StatCounter, QuantCast, Chartbeat, comScore to list a few. Also, we have Google Tag Manager (GTM) support as well.

**Can I add Ads in my AMP pages?**

Yes, you can. We have 6 ad placement slots that are built in and strategically placed to get maximum views. Also, we have an extension from which you can insert ads between the content, will get more ad slots and also add custom banners to all the available slots.

**Can I extend/Change the AMP design, so it suits my needs?**

Yes, you easily can. We have created this plugin in such a way that it can easily be extended. Check out our AMP Theme Framework

**Do you have any prebuilt designs?**

Yes, we have AMP themes section where we have free and paid designs available. We also update it regularly. You can check it out our AMP Themes

**I’m a developer and I want to add custom functionality for a client, can I do that?**

Yes, of course. This plugin is very developer friendly, we have lots of hooks and filters that you can use to extend and customize according to the requirements. Also, we have developer documentation which we update regularly.

**How do I report bugs and suggest new features?**

You can report the bugs here

**Will you Add New features to my request?**

Yes, Absolutely! We would suggest you send your feature request by creating an issue in Github . It helps us organize the feedback easily.

**How do I get in touch?**

You can contact us from here

![](https://secure.gravatar.com/avatar/07a56c90a427c263a8869831ac3d4dbd?s=60&d=retro&r=g)

![](https://secure.gravatar.com/avatar/77c97f0a2554cda5665547de84627aa7?s=60&d=retro&r=g)

![](https://secure.gravatar.com/avatar/a9ae7d27e349e44228648b192d446441?s=60&d=retro&r=g)

![](https://secure.gravatar.com/avatar/55d75b898bf4f3d2e17b0d039bad6ad1?s=60&d=retro&r=g)

![](https://secure.gravatar.com/avatar/92979f9c6fff838534ae94cc98d95b1c?s=60&d=retro&r=g)

![](https://secure.gravatar.com/avatar/6b099f0b6c687abe2e8b3a8ae45d1ac1?s=60&d=retro&r=g)

Cheaters, they offered the discount on their pricing page. But their discount disappeared in cart. i tried it many times, no discount was applied on my order. i contacted many times the support team, but every time they offers me 50% discount on new purchase to compensate, they are not ready to return my extra charged money. moreover, plugin is full of waste, because of their unprofessional services.

Read all 1,208 reviews

“AMP for WP – Accelerated Mobile Pages” is open source software. The following people have contributed to this plugin.

Contributors

**1.0.77.38 (7th March 2022)**

*   Improvements: Added The Publisher Desk Support #5213
*   Fixed: Displaying a blank white screen when embed URLs are used #5193

1.0.77.37.1 (4TH March 2022)  
\* Improvements: Added new infinite scrolling experience #4791  
\* Fixed: The links in embed URLs are not clickable #5193

**1.0.77.37 (2nd March 2022)**

*   Improvements: Added feedback form with auto email system #5223
*   Improvements: Added new infinite scrolling experience #4791
*   Improvements: Added An option to add lang\_ and privacyMode values in Quantcast #5206
*   Improvements: Added FireWork compatibility #5210
*   Fixed: AMP autocomplete tag is not working #5217
*   Fixed: Autoplay functionality not working in video module #5219
*   Fixed: Fonts loading twice in Global font family #5220
*   Fixed: Unable to connect to Matomo analytics #5221

**1.0.77.36 (18th February 2022)**

*   Fixed: If the server-side cache is aggressive then the pagination URL with ?amp=1 is redirecting to non-AMP #5208
*   Fixed: Errror getting in featured-image.php, on line 77 #5207
*   Fixed: Need to keep the mobile redirection filter outside of any condition #5216

Full changelog available at changelog.txt

CVE-2021-23150: AMP for WP – Accelerated Mobile Pages

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.

**3 comments on commit d6cd140**

**Choose a reason for hiding this comment**

The reason will be displayed to describe this comment to others. Learn more.

@akallabeth are all uninitialized pointers guaranteed to always be set to NULL? I noted that the CVE page states that this patch is re an uninitialized pointer issue, but if the uninitialized pointer is not specifically set to NULL, it will still pass this check.

**Choose a reason for hiding this comment**

The reason will be displayed to describe this comment to others. Learn more.

@tcullum-rh the rdp struct is initialized with calloc so yes.

**Choose a reason for hiding this comment**

The reason will be displayed to describe this comment to others. Learn more.

@akallabeth awesome, thanks and thank you for all your hard work on this project!

Please sign in to comment.

CVE-2020-13397: Fixed GHSL-2020-101 missing NULL check · FreeRDP/FreeRDP@d6cd140

Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability

Release Information: Product: AvalanchePremise\_6.4.1.236 Description: Avalanche Premise 6.4.1.236 for Windows Version: v6.4.1.236 Notes: Avalanche 6.4.1.236 Release What's New in This Version -------------------------- Security hardening fixes to for the following reported issues: CVE-2022-43554 ZDI-CAN-19502 CVE-2022-43555 ZDI-CAN-19503 CVE-2023-41725 ZDI-CAN-21006 CVE-2023-32567 ZDI-CAN-21030 CVE-2023-41726 ZDI-CAN-21231 Reported by Trend Micro's Zero Day Initiative \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.4.1 Description: Avalanche Premise 6.4.1 for Windows Version: v6.4.1.207 Notes: Avalanche 6.4.1 Release What's New in This Version -------------------------- Security hardening fixes to for the following reported issues: CVE-2023-32560 TRA-470 Reported by a researcher at Tenable CVE-2023-32561 ZDI-CAN-20904 CVE-2023-32562 ZDI-CAN-20991 CVE-2023-32563 ZDI-CAN-21081 CVE-2023-32564 ZDI-CAN-21002 CVE-2023-32565 ZDI-CAN-21004 CVE-2023-32566 ZDI-CAN-21005 Reported by Trend Micro's Zero Day Initiative \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.4.0 Description: Avalanche Premise 6.4.0 for Windows Version: v6.4.0.186 Notes: Avalanche 6.4.0 Release What's New in This Version -------------------------- New features and enhancements: -Added scheduled reboot functionality -Added reboot functionality to WindowsCE device details page for supported devices/enabler -Added scheduled and manual reboots to Audit Log -Android Client Admin password moved to Android Restriction Payload from SDS Profile -Update Play Store search results UI in AE software payload -Update Play Store search results UI in AE restrictions payload -Add major os version device property to Smartdevices (SDS Controlled) OsVer 9.1.2 => OsVerMajor 009 OsVer 11.3 => OsVerMajor 011 OsVer 13 => OsVerMajor 013 OsVer funkyformat => OsVerMajor 000 OsVer missing => OsVerMajor 000 -The default CFS/LFS port is changed to 9019 in the installer on a clean install to avoid possible conflict with neurons/cloud agent -Scan to Config Profile UI updated to modern design Deprecated features: -5.3 Migration support removed. To upgrade from 5.3, you first need to upgrade to 6.2 or 6.3 , then updgrade to 6.4.0 -GCM settings retired: Remove GCM configuration in SDS profile Remove GCM as option in Enrollment rules if a pre-existing enrollment rule from 6.3 or previous had GCM set as the notification type, it will get changed to ANS in 6.4 Security hardening: -InfoRail Router encryption enforcement -InfoRail Access control API key creation page in support and licensing page -InfoRail API key field added to remote dserver installers -InfoRail options screen added to Installer (clear existing keys, legacy access, legacy ACE access) -User password strength on user password creation/edit -Double password fields (enter/confirm) have been changed to a single password field with a toggle to view password on creation or edit -Passwords are no longer viewable after changes have been saved \*\*Password fields in legacy WIndowsCE profiles have not been changed Fixes: Defect: Clicking on smart device location history logout and exception error Defect: dserver Profiles not displayed in deployment dialog Defect: Avalanche inventory search bar fails to retrieve devices by serial number Defect: SDS not observing the check in time interval, always using 24hrs Fix to address ZDI-CAN-17729 Fix to address ZDI-CAN-17750 Fix to address ZDI-CAN-17769 Fix to address ZDI-CAN-17812 Fix to address ZDI-CAN-19513 \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Product: AvalanchePremise\_6.3.4 Description: Avalanche Premise 6.3.4 for Windows Version: v6.3.4.153 Notes: Avalanche 6.3.4 Release What's New in This Version: Support for Battery Campaigns in Neurons Support for Device Actions in Neurons User Management: Neurons Access Token has been added to allow device commands to be sent from Neurons. Audit Log: Device commands sent from Neurons will be captured and filterable in the audit log. Fixes: Fix to address CVE-2021-44228 Fix to address CVE-2022-22965 Fix to address ZDI-CAN-15301 Fix to address ZDI-CAN-15328 Fix to address ZDI-CAN-15329 Fix to address ZDI-CAN-15330 Fix to address ZDI-CAN-15332 Fix to address ZDI-CAN-15333 Fix to address ZDI-CAN-15449 Fix to address ZDI-CAN-15493 Fix to address ZDI-CAN-15528 Fix to address ZDI-CAN-15919 Fix to address ZDI-CAN-15966 Fix to address ZDI-CAN-15967 \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.3.3 Description: Avalanche Premise 6.3.3 for Windows Version: v6.3.3.101 Notes: Avalanche 6.3.3 Release What's New in This Version: User Management: Neurons Access Token has been added to allow device commands to be sent from Neurons. Audit Log: Device commands sent from Neurons will be captured and filterable in the audit log. Android Enterprise Restrictions Payload: Allow Developer Options to be enabled on the Android Enterprise devices in Fully Managed mode. Configuring Windows (AIDC) Software Packages: Single use password is now issued and required for launching configuration utilities with software packages. Device Details: Device actions are now enabled or disabled based on the reporting of the enabler capabilities property. Data Repository Service: The DRS has been removed. File and OS Update payloads that used DRS will need to be updated to use the Central FileStore. Component Updates: Updated to Java 15 Updated to Tomcat 9.0.56 Fixes: Fix to address Remote Control service startup error when port 80 is blocked. Fix to address CVE-2021-30497 Fix to address ZDI-CAN-14123 Fix to address ZDI-CAN-14187 Fix to address ZDI-CAN-14188 Fix to address ZDI-CAN-15130 Fix to address ZDI-CAN-15137 Fix to address ZDI-CAN-15168 Fix to address ZDI-CAN-15169 Fix to address ZDI-CAN-15200 Fix to address ZDI-CAN-15217 Fix to address ZDI-CAN-15251 \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.3.2 Description: Avalanche Premise 6.3.2 for Windows Version: v6.3.2.3490 Notes: Avalanche 6.3.2 Release What's New in This Version: Printer management. Discover printers in the warehouse and bring them under management with a streamlined, remote provisioning process. Once your printers are managed by Avalanche, push files and settings to them, receive real-time alerts from them, and view their status remotely. Velocity configuration manifests. Create Velocity manifests to distribute Velocity configuration files from the Central File Store to your Android Enterprise devices. NFC provisioning for Android Enterprise. Use NFC provisioning to send Wi-Fi and enrollment information from an enrolled fully managed Android Enterprise device to new devices. QR code provisioning for Android Enterprise. Use QR code provisioning to send Wi-Fi and enrollment information from an enrolled fully managed Android Enterprise device to new devices. Android Enterprise enabler customization. Use an Android Enterprise enabler customization payload to configure the appearance of the enabler. Credentials certificate payload for Android. Use credentials certificate payloads with Wi-Fi payloads to verify the user or server identity when connecting to enterprise networks with Android and Android Enterprise devices. Temporarily disable lock task mode. To ease troubleshooting, temporarily disable lock task mode on a device from the console or the enabler. Android Enterprise provisioning profile. Use Android Enterprise provisioning profiles to create provisioning QR codes. Scan a provisioning QR code to enroll new fully managed devices with a reduced amount of device interaction. Reboot Android devices from the Avalanche Console. Launch apps on install or reboot. When creating an Android Enterprise software payload, you can select to launch the app on install or reboot. This option is important for installing remote control software. Fixes: Fix: Removed drag and drop in the folder tree. Drag and drop will continue to function when applying Smart Device and Printer profiles. Fix: Custom property changes to an individual device in the device details will not update all devices that share the same custom property. \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.3.1 Description: Avalanche Premise 6.3.1 for Windows Version: v6.3.1.1507 Notes: Avalanche 6.3.1 Release New Features and Improvements: Android Enterprise Support \*Support for Fully Managed and Dedicated Device (Kiosk) modes \*File Payload \*Restriction Payload (Fully Managed and Dedicated Device modes) \*Disable factory reset from settings \*Remove factory reset protection data \*System Update Policy Payload (Fully Managed and Dedicated Device modes) \*Wi-Fi Payload \*Scan to enroll support using the device camera \*Factory reset wipe command can remove factory reset protection data and wipe the SD card. \*Log file retrieval from device \*New Android Enterprise Enabler https://play.google.com/store/apps/details?id=com.ivanti.enterprise UI performance and user experience \*Load time improvements for Inventory, Profiles, and Rugged Device Details pages \*Inventory page has been split to three tabs: Device Inventory, Server Inventory, and Mobile Device Groups \*Smart Device Payloads have been moved to their own tab \*All Smart Device Payloads have been redesigned from a dialog based UI to a modern page design \*Smart Device Profile has been redesigned from a dialog based UI to a modern page design Velocity config support added for both Android and Android Enterprise management Create scan to enroll QR codes directly from Enrollment Rules UserVoice for Avalanche link UTC data model for custom columns to allow timestamp to be displayed as date and time. Fixes: Fix: Custom properties can now be saved in network and scan to configure profiles. Fix: Scan to configure, custom properties, and registry keys can now be edited after creation. Fix: Certificate Manager improvements \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.3.0 Description: Avalanche Premise 6.3.0 for Windows Version: v6.3.0.555 Notes: Avalanche 6.3.0 Release New Features and Improvements: Android Enterprise Work Profile Support \*Create new or enroll an existing Google Play Android Enterprise account \*Support for multiple enterprise accounts \*Enrollment Rules reference Google Play Android Enterprise accounts \*Passcode settings support for both Device and Work Profile \*Support for Google Enterprise Play Store apps, including configuration \*Runtime Permissions settings for Apps (Account wide for Google Enterprise or granular per app settings) \*Lock, Unenroll, Delete Work Profile \*New Android Enterprise Enabler https://play.google.com/store/apps/details?id=com.ivanti.enterprise FCM Notification Service support Panasonic OS Updates APN Payload for Android License upgrade from 6.2 to 6.3 (requires a restart of the eserver) Subscription License support HTTP/HTTPS Webserver configuration added to install Prerequisite Software settings for Manifest URL Software Payloads Outgoing IP address of router is reported as IP address setting added to Smart Device Profile Removed: Compliance Payload (Compliance status is now based on Android Enterprise Passcode Compliance) Fixes: Fix: Improved CFS logging Fix: Certificate Manager settings on reboot Fix: CFS access token expiration extended Fix: Android App Name handling with special characters Fix: CFS access token renewal Fix: Reduction in SDS device sync time with selection criteria Fix: Accessing device details from search no longer causes an error Fix: AIDC software profile now shows correct package type \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.2.2 Description: Avalanche Premise 6.2.2 for Windows Version: v6.2.2.197 Notes: Avalanche 6.2.2 Release New Features and Improvements: License upgrade option added to the web console (6.2.2 Only) Removed: Removed support for Java 7, Java 8 is now required Fixes: Security Fixes for CVE-2018-8901 and CVE-2018-8902 Security Fixes for Remote Control Web UI including JQuery updates Fixes to Central File Store configuration page \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Release Information: Product: AvalanchePremise\_6.2.0 Description: Avalanche Premise 6.2.0 for Windows Version: v6.2.0.602 Notes: Avalanche 6.2.0 Release Key New/Changed features Overview: Enrollment Enrollment rules now determine whether the enabler will use ANS or GCM as the notification service on android. A new type of enrollment rule has been created called a reference Enrollment Rule (Global Enrollment Rule) has been added that allows rules to be added at regions and deployed to multiple SDservers. You may add a folder that will be created and deployed at the root of all SDservers below the rules region. Broadcast to enroll When a enroll.prf file has been placed on the device with ‘broadcast’ as the server address, it will now perform a UDP broadcast to find a listening SDServer on the same subnet. Multiple Smart Device Servers The SDS node has been altered to have a local Inforail, SDServer, ANServer and File Store. In order to allow this, a SDServer profile has been created. SDS Profile The settings for the central SDS have been moved from the system settings page into a new Smart Device Server Profile. These include: APNS Cert, Google GCM Info, HTTPS Cert, SDS Public Address, Automatic Smart Device Check In, Smart Device Client Administrator Password. SDS Profiles Inheritance has changed, they will aggregate settings instead of overwriting. This allows you to set things like APNS, GCM and wildcard HTTPS certs at a higher level and have them set at lower SDS in the tree. You can then set specific settings such as the SDS public address, or check in times at a locally applied SDS profile. Device Folder Assignment setting allows the enrollment to be placed in a static folder or dynamically place based on folder selection criteria UDP Service Discovery allows the SDS to listen for enrollment broadcasts from the enabler. Central File Store These settings allow you to point to a file share. Files can be uploaded and managed via the Central File Store. You can then use these files in Android manifest URL software payloads, Android file payloads and Android OS Update payloads. Upon deployment of these payloads to an SDS the files will be cached in a file store local to the SDS. Implemented Zebra MX Extensions Now Android Agent applies StageNow config file "avamxmf.xml" placed specific location on SD card "/sdcard/Ivanti/MXMF" using MX framework. Log "MXMS configuration XML file applied successfully" will be displayed when MX config file applied. New Features and Improvements: Scalability - multiple SDS support Improved ANS reliability Distributed file caching Upgrade to Tomcat 8.5 Android device restrictions for post Kitkat devices Vendor specific enablers - Panasonic, Datalogic, Zebra GCM and ANS enabler functionality combined into single enabler Hide Google search box Zebra MX Extensions Reference (Global) enrollment rules Updated passcode payload Updated Restrictions payloads Restrict access to setting application Updated Application whitelisting Updated Application blacklisting Combined GCM and ANS enabler Device wiped if device admin is disabled Devices can broadcast to find their local Avalanche instance and enroll Set NTP server and time zone on device Ivanti Rebrand Removed: DEP Support (system settings and enrollment rule) VPP (Tools>VPP) Windows Phone 8 support (payloads, system settings) LDAP for Login and Enrollment + LDMS connection info (system settings) LDAP Enrollment (Enrollment rule) User Targeting (system settings, user tree) LD Portal (software payload deployment option, link payload deployment option) Media Payload Check for updates (Tools>Check for updates) Android Remote Control Settings (System Settings) Wavelink Remote Control Button in Inventory Page Tiny URL column on enrollment rule page Enabler: Home screen with Remote Control Server Address Enabler: About Screen Enabler: Remote Control capability Fixes: Fix: Improved data validation for java beans Fix: Manifest app installation in android client Fix: Improved functionality with self-signed certificates Fix: Deployments rolled back in large systems Fix: Devices Overwriting one another on Enroll Fix: IP Ranges in selection criteria were treated as a string and not numerically Fix: Data from other payloads sometimes displayed in a new payload

CVE-2023-41726

Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® oneAPI Rendering Toolkit Advisory**

**Summary: **

A potential security vulnerability in the Intel® oneAPI Rendering Toolkit may allow escalation of privilege.  Intel is releasing software updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2021-33071

Description: Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

**Affected Products:**

Intel® oneAPI Rendering Toolkit before version 2021.2.

**Recommendations:**

Intel recommends updating the Intel® oneAPI Rendering Toolkit to version 2021.2 or later.

Updates are available for download at this location:

https://software.intel.com/content/www/us/en/develop/tools/oneapi/rendering-toolkit/download.html

**Acknowledgements:**

Intel would like to thank Marius Gabriel Mihai for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

11/09/2021

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2020

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33071: INTEL-SA-00564

Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® RealSense™ DCM Advisory**

**Summary: **

A potential security vulnerability in the Intel® RealSense™ Depth Camera Manager (DCM) software may allow information disclosure.  Intel is releasing software updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2021-33119

Description: Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS Base Score: 2.5 Low

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

**Affected Products:**

Intel® RealSense™ DCM software before version 20210625.

**Recommendations:**

Intel recommends updating RealSense™ DCM software to version 20210625 or later.

Updates are available for download at this location: https://www.intel.com/content/www/us/en/download/18309/29921/intel-realsense-depth-camera-manager.html

**Acknowledgements:**

Intel would like to thank Mazoz Ocher for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33119: INTEL-SA-00588

Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® GPA Software Advisory**

**Summary: **

A potential security vulnerability in the Intel® Graphics Performance Analyzers (GPA) software may allow escalation of privilege.  Intel is releasing software updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2021-33101

Description: Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector:  CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

**Affected Products:**

Intel® GPA software before version 21.2.

**Recommendations:**

Intel recommends updating the Intel® GPA software to version 21.2 or later.

Updates are available for download at this location: https://software.intel.com/content/www/us/en/develop/tools/graphics-performance-analyzers/download.html

**Acknowledgements:**

Intel would like to thank Marius Gabriel Mihai for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-33101: INTEL-SA-00574

Improper access control in the Intel(R) Advisor software before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Advisor Software Advisory**

**Summary: **

A potential security vulnerability in the Intel® Advisor software may allow escalation of privilege.  Intel is releasing software updates to mitigate this potential vulnerability.

**Vulnerability Details:**

CVEID: CVE-2021-23152

Description: Improper access control in the Intel(R) Advisor software before version 2021.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

**Affected Products:**

Intel® Advisor software before version 2021.2.

**Recommendations:**

Intel recommends updating Intel® Advisor software to version 2021.2 or later.

Updates are available for download at this location: https://www.intel.com/content/www/us/en/developer/articles/tool/oneapi-standalone-components.html#advisor

**Acknowledgements:**

Intel would like to thank Marius Gabriel Mihai for reporting this issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

**Revision History**

Revision

Date

Description

1.0

02/08/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at https://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  
Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2021-23152: INTEL-SA-00622

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

**Commit**

Permalink

Browse files

Browse the repository at this point in the history

(for 4.9.3) CVE-2018-14468/FRF.16: Add a missing length check.

The specification says in a well-formed Magic Number information element
the data is exactly 4 bytes long. In mfr\_print() check this before trying
to read those 4 bytes.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s).

*   Loading branch information

CVE-2018-14468: (for 4.9.3) CVE-2018-14468/FRF.16: Add a missing length check. · the-tcpdump-group/tcpdump@aa3e54f

TensorFlow is an open source platform for machine learning. An input `token` that is not a UTF-8 bytestring will trigger a `CHECK` fail in `tf.raw_ops.PyFunc`. We have patched the issue in GitHub commit 9f03a9d3bafe902c1e6beb105b2f24172f238645. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

@@ -17,7 +17,9 @@

from tensorflow.python.eager import def\_function

from tensorflow.python.framework import constant\_op

from tensorflow.python.framework import dtypes

from tensorflow.python.framework import errors

from tensorflow.python.framework import test\_util

from tensorflow.python.ops import gen\_script\_ops

from tensorflow.python.ops import resource\_variable\_ops

from tensorflow.python.ops import script\_ops

from tensorflow.python.ops.script\_ops import numpy\_function

@@ -103,6 +105,15 @@ def plus(a, b):

expect\_result \= constant\_op.constant(3, dtypes.int32)

self.assertAllEqual(actual\_result, expect\_result)

  

@test\_util.run\_in\_graph\_and\_eager\_modes

def test\_fail\_on\_non\_utf8\_token(self):

value \= constant\_op.constant(value\=\[1, 2\])

token \= b"\\xb0"

data\_type \= \[dtypes.int32\]

with self.assertRaises((errors.InternalError, UnicodeDecodeError)):

self.evaluate(

gen\_script\_ops.py\_func(input\=\[value\], token\=token, Tout\=data\_type))

  

  

if \_\_name\_\_ \== "\_\_main\_\_":

test.main()

Search

lenovo warranty check/lookup | check warranty status | lenovo support us