NGINX and HAProxy: Testing User Experience in the Cloud

2021-01-08 KENNETH 0

NGINX and HAProxy: Testing User Experience in the Cloud Many performance benchmarks measure peak throughput or requests per second (RPS), but those metrics can oversimplify the performance story at real‑world sites. Few organizations run their services at or near peak throughput, where a 10% change in performance either way can make a significant difference. The throughput or RPS a site requires is not infinite, but is fixed by external factors like the number of concurrent users they have to serve and the activity level of each user. In the end, what matters most is that your users receive the best level of service. End users don’t care how many other people are visiting your site. They just care about the service they receive and don’t excuse poor performance because the system is overloaded. This leads us to the observation that what [ more… ]

No Image

USN-4687-1: Firefox vulnerability

2021-01-08 KENNETH 0

USN-4687-1: Firefox vulnerability A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Source: USN-4687-1: Firefox vulnerability

No Image

USN-4686-1: Ghostscript vulnerabilities

2021-01-07 KENNETH 0

USN-4686-1: Ghostscript vulnerabilities It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-4686-1: Ghostscript vulnerabilities

No Image

USN-4685-1: OpenJPEG vulnerabilities

2021-01-07 KENNETH 0

USN-4685-1: OpenJPEG vulnerabilities It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code. Source: USN-4685-1: OpenJPEG vulnerabilities

No Image

USN-4684-1: EDK II vulnerabilities

2021-01-07 KENNETH 0

USN-4684-1: EDK II vulnerabilities Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2019-14562) It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-14584) Source: USN-4684-1: EDK II vulnerabilities