[월:] 2018년 11월

No Image

Virtual Patching with the NGINX JavaScript Module

2018-11-20 KENNETH 0

Virtual Patching with the NGINX JavaScript Module table, th, tr, td { border: 0; padding: 0px !important; margin: 0px !important; } Virtual patching refers to fixing a problem with application code by making a change to related infrastructure rather than the code itself. In the security realm, it’s common to use ModSecurity to virtually patch a vulnerability, for example. But virtual patching can be applied to other types of bugs as well, such as the bugs in backend applications we often encounter in production environments. For various reasons it can be challenging to fix these bugs directly (for example, if the original developer has left the company) and virtual patching is a practical alternative. An NGINX Plus customer recently experienced an unusual issue: a client‑side app was making GET and POST requests in lowercase (as get and post). The backend application [ more… ]

No Image

USN-3816-2: systemd vulnerability

2018-11-20 KENNETH 0

USN-3816-2: systemd vulnerability systemd vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary systemd-tmpfiles could be made to change ownership of arbitrary files. Software Description systemd – system and service manager Details USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686) Jann Horn discovered a race condition in chown_one(). A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu [ more… ]

No Image

Updated version of Windows 10 SDK now available with Visual Studio 15.9.1

2018-11-20 KENNETH 0

Updated version of Windows 10 SDK now available with Visual Studio 15.9.1 At Build 2018, I had the privilege of sharing with you some of the advancements for Microsoft 365 that centered on multi-sense and multi-device experiences. Today, developers can get the latest Windows 10 SDK and start using some of these amazing platform capabilities. What’s in this update: Windows UI Library (WinUI) allows you take advantage of the latest Fluent controls and styles for Windows 10 apps without having to wait for all your customers to update to the latest OS version. The WinUI nuget package is backward-compatible, down to Windows 10 version 1607 (Anniversary Update) and includes the same powerful, supported controls that Windows uses in its apps and experiences. UWP XAML hosting API (Preview) allows ‘islands’ of UWP XAML UI elements to be hosted in applications built [ more… ]

[도서] 손에 잡히는 판다스

2018-11-20 KENNETH 0

[도서] 손에 잡히는 판다스 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]손에 잡히는 판다스 문용준 저 | 비제이퍼블릭(BJ퍼블릭) | 2018년 11월 판매가 28,800원 (10%할인) | YES포인트 1,600원(5%지급) 이벤트 : 주목 IT 신간&예약판매 사은품 이벤트 주피터 노트북과 파이썬을 이용한 데이터 분석 『손에 잡히는 판다스』는 판다스 내의 시리즈와 데이터프레임 클래스의 속성, 메소드의 기능 설명과 예제를 통해 사용법을 이해할 수 있다. 정돈된 데이터를 만드 Source: [도서] 손에 잡히는 판다스