The release of the EdgeDB 2.0 DBMS is presented, which implements the relational graph data model and the EdgeQL query language, optimized for working with complex hierarchical data. The code is written in Python and Rust (parser and performance-critical parts) and distributed under the Apache 2.0 license. The project is being developed as an add-on for PostgreSQL. Client libraries prepared for Python, Go, Rust and […]
Yandex has published the source code for the Userver framework, which allows you to create highly loaded C++ applications that work in asynchronous mode. The framework has been tested on Yandex-level loads and is used in services such as Yandex Go, Lavka, Delivery, Market, and fintech projects. The Userver code is written in C++ and is licensed under the Apache 2.0 license. Userver is best suited for developing […]
Facebook/Meta (banned in Russia) has published a list of programming languages recommended for engineers when developing internal Facebook server components and fully supported in the company's infrastructure. Compared to previous recommendations, the list includes Rust, which complements the previously used C ++, Python and Hack (Facebook's statically typed version of PHP). For supported languages on Facebook, developers are provided […]
A new release of the FreeRDP 2.8.0 project has been published, offering a free implementation of the Remote Desktop Protocol (RDP), developed based on Microsoft specifications. The project provides a library for integrating RDP support into third-party applications and a client that can be used to remotely connect to a Windows desktop. The project code is distributed under the Apache 2.0 license. In the new […]
The release of the OPNsense 22.7 firewall distribution has been published, which is a fork from the pfSense project, created with the goal of creating a completely open distribution that could have functionality at the level of commercial solutions for deploying firewalls and network gateways. Unlike pfSense, the project is positioned as not under the control of one company, developed with the direct participation of the community and […]
The Ventoy 1.0.79 toolkit for creating bootable USB media containing multiple operating systems has been released. The program is remarkable in that it provides the ability to boot the OS from unchanged ISO, WIM, IMG, VHD and EFI images without requiring unpacking the image or reformatting the media. For example, it is enough to simply copy the set of iso images of interest to a USB Flash with the Ventoy bootloader, and Ventoy will provide the ability to boot […]
Corrective releases of Samba 4.16.4, 4.15.9 and 4.14.14 have been published, fixing 5 vulnerabilities. The release of package updates in distributions can be tracked on the pages: Debian, Ubuntu, RHEL, SUSE, Arch, FreeBSD. The most dangerous vulnerability (CVE-2022-32744) allows users of the Active Directory domain to change the password of any user, including the ability to change the administrator password and take full control of the domain. Problem […]
The release of the zeronet-conservancy project is available, which continues the development of the decentralized, censorship-resistant ZeroNet network, which uses Bitcoin addressing and verification mechanisms in combination with BitTorrent distributed delivery technologies to create sites. Site content is stored in the P2P network on visitors' machines and verified against the owner's digital signature. The fork was created after the disappearance of the original ZeroNet developer and aims to maintain and […]
Researchers at the Helmholtz Center for Information Security (CISPA) and the Royal Institute of Technology (Sweden) analyzed the applicability of the JavaScript prototype object contamination technique (“prototype pollution”) to create attacks on the Node.js platform and popular applications based on it, leading to code execution. The prototype polluting method uses a feature of the JavaScript language that allows you to add new properties to the root prototype of any object. In applications […]
Ben Cotton, who holds the position of Red Hat Fedora Program Manager, announced his intention to stop the formation of alternative live builds of the distribution - Robotics Spin (environment with applications and simulators for robot developers), Games Spin (environment with a selection of games) and Security Spin (environments with a set of tools for checking security), due to the termination of communication of maintainers or […]
Cisco has published new releases of the free anti-virus package ClamAV 0.105.1, 0.104.4 and 0.103.7. Recall that the project passed into the hands of Cisco in 2013 after the purchase of Sourcefire, which develops ClamAV and Snort. The project code is distributed under the GPLv2 license. Release 0.104.4 will be the last update in the 0.104 branch, and the 0.103 branch has been categorized as LTS and will be accompanied by […]
GitHub has released the NPM 8.15 package manager that comes with Node.js and is used to distribute JavaScript modules. It is noted that more than 5 billion packages are downloaded via NPM daily. Key changes: A new "audit signatures" command has been added to perform a local audit of the integrity of installed packages, which does not require manipulations with PGP utilities. The new verification mechanism is based on […]
