nginScript – A New and Powerful Way to Configure NGINX

2016-03-02 KENNETH 0

nginScript – A New and Powerful Way to Configure NGINX The following is adapted from a presentation given by Igor Sysoev at nginx.conf 2015, held in San Francisco in September. You can view the video of the nginScript talk on YouTube. Table of Contents 0:27 nginScript Beginnings 1:30 The Lua Module 2:23 Choosing JavaScript 3:33 JavaScript VMs 4:04 V8 Issues 6:15 The nginScript VM 7:51 The State of nginScript 9:10 The nginScript Interface 9:58 $r.response 11:34 Questions and Answers 0:27 nginScript Beginnings Since the start of NGINX’s development, I’ve wanted NGINX to have the ability to run scripts inside the server. I first attempted to implement this capability in 2005. At that time I tried to embed Perl – which was, and still is, my favorite language for general scripting. Perl has some drawbacks, however, that make it unsuitable as [ more… ]

[도서] NX 10 서피스 모델링

2016-03-02 KENNETH 0

[도서] NX 10 서피스 모델링 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]NX 10 서피스 모델링 고재철 저 | 온솔루션인티그레이션 | 2016년 03월 판매가 27,000원 (10%할인) | YES포인트 300원(1%지급) 이벤트 : 예약하고 빨리 받자! IT 도서 예약판매 알림 NX 10을 이용한 곡면 생성의 원리를 쉽게 이해하고 실무적인 예제들을 수행할 수 있도록 구성되어 있다. NX 9, NX 10의 사용자 인터페이스를 사용한다. NX를 이용하여 초급 모델링을 수행할 수 있는 사용자라면 본 Source: [도서] NX 10 서피스 모델링

No Image

USN-2915-1: Django vulnerabilities

2016-03-02 KENNETH 0

USN-2915-1: Django vulnerabilities Ubuntu Security Notice USN-2915-1 1st March, 2016 python-django vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Django. Software description python-django – High-level Python web development framework Details Mark Striemer discovered that Django incorrectly handled user-suppliedredirect URLs containing basic authentication credentials. A remoteattacker could possibly use this issue to perform a cross-site scriptingattack or a malicious redirect. (CVE-2016-2512) Sjoerd Job Postmus discovered that Django incorrectly handled timing whendoing password hashing operations. A remote attacker could possibly usethis issue to perform user enumeration. (CVE-2016-2513) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: python3-django 1.7.9-1ubuntu5.2 python-django 1.7.9-1ubuntu5.2 Ubuntu 14.04 LTS: python-django 1.6.1-2ubuntu0.12 Ubuntu 12.04 LTS: python-django 1.3.1-4ubuntu1.20 To update your system, [ more… ]

No Image

USN-2914-1: OpenSSL vulnerabilities

2016-03-02 KENNETH 0

USN-2914-1: OpenSSL vulnerabilities Ubuntu Security Notice USN-2914-1 1st March, 2016 openssl vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in OpenSSL. Software description openssl – Secure Socket Layer (SSL) cryptographic library and tools Details Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL wasvulnerable to a side-channel attack on modular exponentiation. On certainCPUs, a local attacker could possibly use this issue to recover RSA keys.This flaw is known as CacheBleed. (CVE-2016-0702) Adam Langley discovered that OpenSSL incorrectly handled memory whenparsing DSA private keys. A remote attacker could use this issue to causeOpenSSL to crash, resulting in a denial of service, or possibly executearbitrary code. (CVE-2016-0705) Guido Vranken discovered that OpenSSL incorrectly handled hex digitcalculation in the BN_hex2bn function. A remote attacker [ more… ]