Introducing the OAuth Technology Preview in NGINX Plus R8

2016-01-20 KENNETH 0

Getting identity management right in modern application and API development is an increasingly important and demanding challenge. A number of developments in the industry are putting pressure on existing identity solutions. Integrated web experiences enable users to navigate seamlessly between different applications without requiring multiple login events. User experience is improved by giving users a choice about which identity they use with a given application, instead of requiring yet another password in yet another isolated, proprietary database. Microservices architectures (and decomposed monoliths) can require developers to reimplement the same authentication and authorization logic over and over. Applications deployed at scale (in a cluster) need to offload as many non-core operations as possible, for example encryption and authentication. Supporting the numerous existing identity standards involves undifferentiated heavy lifting that impinges on time spent on the application itself. At NGINX we are [ more… ]

USN-2874-1: Bind vulnerability

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2874-1
19th January, 2016
bind9 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 15.10
Ubuntu 15.04
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary
Bind could be made to crash if it received specially crafted network traffic.

Software description
bind9 – Internet Domain Name Server

Details
It was discovered that Bind incorrectly handled certain APL data. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

Update instructions
The problem can be corrected by updating your system to the following package version:
Ubuntu 15.10: bind9 1:9.9.5.dfsg-11ubuntu1.2
Ubuntu 15.04: bind9 1:9.9.5.dfsg-9ubuntu0.5
Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.7
Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.15

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes.

References
CVE-2015-8704

Source: ubuntu-usn

USN-2875-1: libxml2 vulnerabilities

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2875-1
19th January, 2016
libxml2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 15.10
Ubuntu 15.04
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary
libxml2 could be made to crash if it opened a specially crafted file.

Software description
libxml2 – GNOME XML library

Details
It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service.

Update instructions
The problem can be corrected by updating your system to the following package version:
Ubuntu 15.10: libxml2 2.9.2+zdfsg1-4ubuntu0.3
Ubuntu 15.04: libxml2 2.9.2+dfsg1-3ubuntu0.3
Ubuntu 14.04 LTS: libxml2 2.9.1+dfsg1-3ubuntu4.7
Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.14

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your [ more… ]

The HTTP/2 Module in NGINX

2016-01-20 KENNETH 0

The following is adapted from a talk given by Valentin V. Bartenev at nginx.conf 2015, held in San Francisco in September. You can view the video presentation here. For more about HTTP/2, see our blog post, 7 Tips to Improve HTTP/2 Performance.

What is HTTP/2 and when should we use it? This post gives a brief overview of key characteristics and benefits of this new protocol. It also explains when and how to use the HTTP/2 module in NGINX for the best performance benefit.

Table of Contents
0:20 Overview of the Protocol
1:40 Key Features of HTTP/2
3:08 HTTP/2 Inside: Binary
4:26 HTTP/2 Inside: Multiplexing
7:09 Key Features of HTTP/2 – Header Compression
8:40 Key Features of HTTP/2 – Prioritization
10:06 History
10:16 Test Page
10:52 Test Environment
11:02 DOM Load
11:48 First Painting
12:45 Configuration
14:20 Questions and Answers
[ more… ]