Category Blog
Dotenv-linter is an open source tool for checking and fixing various problems in .env files, which serve to more conveniently store environment variables within a project. The use of environment variables is recommended by The Twelve Factor App development manifesto, a set of best practices for developing applications for any platform. Following this manifesto makes your application ready to scale, easy […]
A critical vulnerability was found and fixed in the sudo system utility, allowing absolutely any local user of the system to gain root administrator rights. The vulnerability exploits a heap-based buffer overflow and was introduced in July 2011 (commit 8255ed69). Those who found this vulnerability managed to write three working exploits and successfully test them on Ubuntu 20.04 (sudo 1.8.31), Debian 10 (sudo 1.8.27) […]
Firefox 85 is available. Graphics subsystem: WebRender is enabled on devices using the GNOME+Wayland+Intel/AMD graphics card combination (except for 4K displays, support for which is expected in Firefox 86). Additionally, WebRender is enabled on devices using Iris Pro Graphics P580 (mobile Xeon E3 v5), which the developers forgot about, as well as on devices with Intel HD Graphics driver version 23.20.16.4973 (this particular driver […]
The vulnerability lies in the ability of a remote attacker to gain access to directories outside the NFS exported directory by calling READDIRPLUS on the .. root export directory. The vulnerability was fixed in kernel 23, released on January 5.10.10, as well as in all other supported versions of kernels updated on that day: commit fdcaa4af5e70e2d984c9620a09e9dade067f2620 Author: J. Bruce Fields[email protected]> Date: Mon Jan 11 […]
The library is designed as a Rust crate under the MIT License, which can be used like this: [dependencies] windows = "0.2.1" [build-dependencies] windows = "0.2.1" After this, you can generate those modules in the build.rs build script , which are needed for your application: fn main() { windows::build!( windows::data::xml::dom::* windows::win32::system_services::{CreateEventW, SetEvent, WaitForSingleObject} windows:: win32::windows_programming::CloseHandle ); } Documentation about available modules is published on docs.rs. […]
Last week, Elastic Search BV announced that it was changing its licensing strategy for its products and would not release new versions of Elasticsearch and Kibana under the Apache 2.0 license. Instead, new versions will be offered under the proprietary Elastic License (which limits how you can use it) or the Server Side Public License (which contains requirements that […]
More than two years ago, a bug report was opened in Gnome GitLab about scrolling in GTK applications using the touchpad being too fast or too sensitive. 43 people took part in the discussion. GTK+ maintainer Matthias Klasen initially claimed that he didn't see the problem. The comments were mainly on the topic “how does it work”, “how does it work in other […]
During the audit, Google discovered that some third-party products based on Chromium code use keys that allow access to certain Google APIs and services intended for internal use. In particular, to google_default_client_id and to google_default_client_secret. Thanks to this, the user can access their own Chrome Sync data (such as bookmarks) not only […]
The Raspberry Pi team has released the RP2040 board-on-chip with 40nm architecture: Raspberry Pi Pico. RP2040 Specification: Dual-core Arm Cortex-M0+ @ 133MHz 264KB RAM Supports up to 16MB Flash memory via dedicated bus QSPI DMA controller 30 GPIO pins, 4 of which can be used as analog inputs 2 UART, 2 SPI and 2 I2C controllers 16 PWM […]
“Dream of being able to run Linux on Apple's new chip? The reality is much closer than you might think." A popular website among Ubuntu lovers around the world, omg!ubuntu, writes about this news with this subtitle! Developers from Corellium, a virtualization company on ARM chips, were able to run and get stable operation of the Ubuntu 20.04 distribution on the latest Apple Mac […]
Specialists from JSOF research labs reported seven new vulnerabilities in the DNS/DHCP server dnsmasq. The dnsmasq server is very popular and is used by default in many Linux distributions, as well as in network equipment from Cisco, Ubiquiti and others. Dnspooq vulnerabilities include DNS cache poisoning as well as remote code execution. The vulnerabilities have been fixed in dnsmasq 2.83. In 2008 […]
RedHat has changed the terms of free use of the full-featured RHEL system. If earlier this could only be done by developers and only on one computer, now a free developer account allows you to use RHEL in production for free and completely legally on no more than 16 machines, with independent support. In addition, RHEL can be used free of charge and legally […]
