[월:] 2017년 07월

No Image

USN-3354-1: Apport vulnerability

2017-07-19 KENNETH 0

USN-3354-1: Apport vulnerability Ubuntu Security Notice USN-3354-1 18th July, 2017 apport vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary An attacker could trick a user into opening a malicious .crash file and execute arbitrary code as the user. Software description apport – automatically generate crash reports for debugging Details Felix Wilhelm discovered a path traversal vulnerability in Apportwhen handling the ExecutablePath field in crash files. An attackercould trick a user into opening a specially crafted crash file andexecute arbitrary code with the user's privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: apport 2.20.4-0ubuntu4.5 python-apport 2.20.4-0ubuntu4.5 python3-apport 2.20.4-0ubuntu4.5 Ubuntu 16.10: apport 2.20.3-0ubuntu8.7 python-apport 2.20.3-0ubuntu8.7 python3-apport 2.20.3-0ubuntu8.7 Ubuntu 16.04 LTS: apport 2.20.1-0ubuntu2.10 python-apport 2.20.1-0ubuntu2.10 python3-apport 2.20.1-0ubuntu2.10 [ more… ]

HTTP/2 Theory and Practice in NGINX Stable, Part 1

2017-07-19 KENNETH 0

HTTP/2 Theory and Practice in NGINX Stable, Part 1 td { padding-right: 10px; } Table of Contents 3:56 What Is HTTP/2? 4:24 What Was SPDY? 5:05 HTTP/2 Sample Object 5:25 Proxying Under HTTP/2: GET Method 7:06 Proxying Under HTTP/2: Load Balancing 7:39 Key Features: Binary Protocol 8:32 Key Features: No Head-of-Line Blocking 9:09 Key Features: Only One Connection 10:11 Key Features: Server Push 11:04 Key Features, Header Compression Good morning ladies and gentlemen. My name is Nathan. I work at a startup called StackPath. We are currently in a closed beta and will be exiting that within the next couple weeks and we will have our first major public product out at that point. I am what they call an aqui-hire. I was originally with a company called MaxCDN which was purchased, and so that’s where the bulk of this [ more… ]

Working with Brushes and Content – XAML and Visual Layer Interop, Part One

2017-07-19 KENNETH 0

Working with Brushes and Content – XAML and Visual Layer Interop, Part One The Composition APIs empower Universal Windows Platform (UWP) developers to do beautiful and powerful things when they access the Visual Layer. In the Windows 10 Creators Update, we made working with the Visual Layer much easier with new, powerful APIs. In this blog series, we’ll cover some of these improvements in the Creators Update and take a look at the following APIs: In Part 1, today’s post: XamlCompositionBrushBase – easily paint a XAML UIElement with a CompositionBrush LoadedImageSurface – load an image easily and use with Composition APIs In Part 2, we’ll look at: XamlLights – apply lights to your XAML UI with a single line of XAML PointerPositionPropertySet – create 60 FPS animations using pointer position, off the UI thread! Enabling the Translation property – animate [ more… ]

No Image

USN-3274-2: ICU vulnerabilities

2017-07-19 KENNETH 0

USN-3274-2: ICU vulnerabilities Ubuntu Security Notice USN-3274-2 18th July, 2017 icu vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in ICU. Software description icu – International Components for Unicode library Details USN-3274-1 fixed a vulnerability in icu. This update provides thecorresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: libicu48 4.8.1.1-3ubuntu0.8 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard [ more… ]

No Image

MySQL 8.0.2: Introducing Window Functions

2017-07-19 KENNETH 0

MySQL 8.0.2: Introducing Window Functions MySQL 8.0.2 introduces SQL window functions, or analytic functions as they are also sometimes called. They join CTEs (available since 8.0.1) as two of our most requested features, and are long awaited and powerful features. This is the first of a series of posts describing the details.… Source: MySQL 8.0.2: Introducing Window Functions