[월:] 2021년 03월

Announcing Windows Community Toolkit v7.0

2021-03-17 KENNETH 0

Announcing Windows Community Toolkit v7.0 After many months of invigorating the Windows Community Toolkit with a multitude of improvements and features; we are happy to announce version 7.0 is available today! Made possible again with the support and contributions of our developer community.🎉  If you are new to the Toolkit, the Windows Community Toolkit is a collection of helpers, extensions, and custom controls. It simplifies and demonstrates common developer tasks for building UWP and .NET apps for Windows 10. The toolkit is part of the .NET Foundation. You can download our Sample App playground to discover and try Toolkit components before getting started on a project.  This new update includes a whole new .NET Standard MVVM library, easier to use Toast Notification helpers for both .NET and UWP, a completely revamped composition Animation system for C# & XAML, new controls, and more!!!  This is one of the largest releases of the Toolkit ever as we embarked to optimize and streamline the Toolkit for the future. However, it also contains [ more… ]

Introducing NGINX Instance Manager – A Tool to Track, Configure, and Monitor NGINX Open Source and NGINX Plus Instances at Scale

2021-03-17 KENNETH 0

Introducing NGINX Instance Manager – A Tool to Track, Configure, and Monitor NGINX Open Source and NGINX Plus Instances at Scale NGINX is the popular web server that powers more than 400 million websites. But it’s more than a web server – as a software‑based all-in-one load balancer, web server, API gateway, and reverse proxy designed for cloud‑native architectures, NGINX is really a Swiss Army Knife™ that accelerates your IT infrastructure and application modernization efforts. This wide‑ranging, versatile functionality can, however, lead to many NGINX instances spread across the organization, sometimes with NGINX Open Source and NGINX Plus managed by different groups. How do you track all the instances? How do you ensure they have up-to-date configuration and security settings? That’s where NGINX’s latest solution comes in – NGINX Instance Manager. NGINX Instance Manager simplifies NGINX asset management, configuration, and visibility. It is ideal [ more… ]

No Image

USN-4880-1: OpenJPEG vulnerabilities

2021-03-16 KENNETH 0

USN-4880-1: OpenJPEG vulnerabilities It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code. Source: USN-4880-1: OpenJPEG vulnerabilities

No Image

USN-4879-1: Linux kernel vulnerabilities

2021-03-16 KENNETH 0

USN-4879-1: Linux kernel vulnerabilities It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-20194) Source: USN-4879-1: Linux kernel vulnerabilities

No Image

USN-4878-1: Linux kernel vulnerabilities

2021-03-16 KENNETH 0

USN-4878-1: Linux kernel vulnerabilities It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. (CVE-2021-20239) It was discovered that the priority inheritance futex implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3347) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of [ more… ]