SEARCH KEYWORD -- patch



  Oracle released an urgent Java patch


On March 23, Oracle released an urgent Java patch outside its normal update schedule. The security vulnerability is related to Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user accesses pages containing malicious code...

   JAVA,SECURITY,ORACLE,NEWS     2016-03-25 08:39:59


  Frequently used Git commands


Git configuration
git config --global user.name "robbin"
git config --global user.email "fankai@gmail.com"
git config --global color.ui true
git config --global alias.co checkout
git config --global alias.ci commit
git config --global alias.st status
git config --global alias.br branch
git config --global core.editor "mate -w" # Configure editor to use TextMate
git config -l # List all configurations
User's git configuration file: ~/.gitconfig
Frequently used Git commands
Check, add, p...

   Git,Command     2013-03-11 19:41:06


  30 minutes to fix Java vulnerability


On September 25, Adam Gowdiak from the Polish security consulting firm Security Explorations submitted a Java security vulnerability to Oracle and provided a proof-of-concept. The vulnerability exists in Java 5, 6, and 7; once the user accesses a site hosting malware, an attacker can remotely control the infected machine. Gowdiak later got in touch with Oracle again and got the response that the fix had reached the final stage and that he could expect the patch four months later. He eventually unbearable Oracle'...

   Java, Vulnerability,Fix     2012-10-29 11:53:43


  Latest PHP patch cannot fix the bug


On Wednesday (2012-05-02), a remote code execution vulnerability in PHP was accidentally exposed to the Web, prompting fears that it may be used to target vulnerable websites on a massive scale. The bug itself was traced back to 2004, and came to light during a recent CTF competition. A CERT advisory on the flaw explains: “When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows command...

   PHP,bug,patch,bypassed     2012-05-08 11:20:56


  New Linux kernel fixes power-saving issues


Greg Kroah-Hartman has released long-term kernel 3.0.20 and stable kernel 3.2.5. Both contain just a single bug fix that allows PCIe power-saving technology ASPM (Active State Power Management) to be used on systems with a BIOS that activates ASPM on some components, but states in the FADT (Fixed ACPI Description Table) consulted by Linux that ASPM is not supported. According to Matthew Garrett, who developed the patch, the change can reduce the power consumption of a Thinkpad X220 by 5...

   Linux kernel,Power saving,Fix     2012-02-08 10:10:36


  Severe SSL 3.0 vulnerability to be released


According to The Register, another severe security vulnerability has been found in the widely used SSL v3 protocol. It is still in the patch phase, and the details of this vulnerability are expected to be released today. Several security vulnerabilities with wide impact have been revealed this year, and they bring people's attention to long-standing security concerns. Previously, we have seen the Heartbleed issue and, more recently, the Shellshock issue. Both of them occur in popular libraries...

   SSL,Security vulnerability, The Register     2014-10-14 22:22:39


  PHP's Output Buffering


While profiling our application I came across a rather strange memory usage by the ob_start() function. We do use ob_start() quite a bit to defer output of data, which is a common thing in many applications. What was unusual is that 16 calls to ob_start() ended up chewing through almost 700kb of memory; given that the data being buffered rarely exceeds 1-2kb, this was quite unusual. I started looking at the C code of the ob_start() function and found this interesting bit of code inside php_sta...

   PHP,Memory,ob_start(),source,40kB     2011-12-08 10:20:32


  Understand diff in Unix


diff is an important tool in Unix. It is used to compare the differences between two files, and it is the foundation of code version control. If you type:
$ diff <file_before_change> <file_after_change>
diff will tell you what the differences between these two files are. The result may not be so easy to understand, so now I will show you how to understand diff.
1. 3 formats of diff
diff has 3 formats for historical reasons: normal diff, context diff, unified diff.
2. Demo files
For easy d...

   diff,Unix,version control,git     2012-09-03 10:49:36


  Some tricks on PHP session


1. Session timeout problem
There is a nuance we found with sessions timing out although the user is still active in the session. The problem has to do with never modifying the session variable. The GC will clear the session data files based on their last modification time. Thus, if you never modify the session and simply read from it, the GC will eventually clean it up. To prevent this you need to ensure that your session is modified within the GC delete time. You can accomp...

   PHP,Session,Timeout,Solution,Various domain     2015-03-13 07:05:37


  Scala, Patterns and The Perl Effect


He tried to understand that one concept for a couple of months before it made sense to him. Admittedly, partial functions are not intuitive for anyone who has been schooled in traditional programming, but still, looking at the problem he was trying to solve it seemed like James was required to expend too much effort relative to the simplicity of the problem (as he pointed out, now that he understands the concept it seems straightforward). He showed me the code, and it was basically a situa...

   Scala,Perl,Pattern,Partial function,Template     2011-12-21 09:25:41