Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- patch

  Linus Torvalds apologizes for Linux 4.8 kernel bug

On Oct 2, Linus Torvalds proudly announced the release of Linux 4.8. But just days after the release, a bug was found in the kernel and Linus came out and apologized for this bug. I'm really sorry I applied that last series from Andrew just before doing the 4.8 release, because they cause problems, and now it is in 4.8 (and that buggy crap is marked for stable too). In particular, I just got this kernel BUG at ./include/linux/swap.h:276 and the end result was a dea...

   LINUX,LINUX KERNEL,NEWS,LINUS TORVALDS,BUG_ON     2016-10-07 03:46:17

  Oracle released an urgent Java patch

On March 23, Oracle just released an urgent Java patch which is out of its normal update schedule. The security vulnerability is related to the Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With the unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user access pages containing malicious code...

   JAVA,SECURITY,ORACLE,NEWS     2016-03-25 08:39:59

  Frequently used Git commands

Git configuration git config --global user.name "robbin" git config --global user.email "fankai@gmail.com" git config --global color.ui true git config --global alias.co checkout git config --global alias.ci commit git config --global alias.st status git config --global alias.br branch git config --global core.editor "mate -w" # Configure Editor to use textmate git config -l #List all configurations User's git configuration file : ~/.gitconfig Frequently used Git commands Check、add...

   Git,Command     2013-03-11 19:41:06

  30 minutes to fix Java vulnerability

On September 25, Adam Gowdiak from the Polish security consulting firm Security Explorations submitted a Java security vulnerability to Oracle and provided a proof-of-concept. The vulnerability exists in Java 5 6,7, once the user accesses hosted malware site, an attacker can remotely control the infected machine.Gowdiak later got in touch again with Oracle and got the response that the fix has reached the final stage. He can expect the patch in four months later. He eventually unbearable Oracle'...

   Java, Vulnerability,Fix     2012-10-29 11:53:43

  Latest PHP patch cannot fix the bug

On Wednesday(2012-05-02), a remote code execution vulnerability in PHP was accidentally exposed to the Web, prompting fears that it may be used to target vulnerable websites on a massive scale. The bug itself was traced back to 2004, and came to light during a recent CTF competition.A CERT advisory on the flaw explains: “When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows com...

   PHP,bug,patch,bypassed     2012-05-08 11:20:56

  New Linux kernel fixes power-saving issues

Greg Kroah-Hartman has released long-term kernel 3.0.20 and stable kernel 3.2.5. Both contain just a single bug fix that allows PCIe power-saving technology ASPM (Active State Power Management) to be used on systems with a BIOS that activates ASPM on some components, but states in the FADT (Fixed ACPI Description Table) consulted by Linux that ASPM is not supported. According to Matthew Garrett, who developed the patch, the change can reduce the power consumption of a Thinkpad X220 by 5&nbs...

   Linux kernel,Power saving,Fix     2012-02-08 10:10:36

  Severe SSL 3.0 vulnerability to be released

According to The Register, another severe security vulnerability has been found in the widely used SSL v3 protocol. Until now, it's still in patch phase and the details of this vulnerability is expected to be released today. There are a few widely impacted security vulnerabilities revealed this year and they bring people's attention to the long existing security concerns. Previously, we have seen the HeartBleed issue and also the recently ShellShock issue. Both of them occur in popular libraries...

   SSL,Security vulnerability, The Register     2014-10-14 22:22:39

  PHP's Output Buffering

While profiling our application I came across a a rather strange memory usage by the ob_start() function. We do use ob_start() quite a bit to defer output of data, which is a common thing in many applications. What was unusual is that 16 calls to ob_start() up chewing through almost 700kb of memory, given that the data being buffered rarely exceeds 1-2kb, this was quite unusual. I started looking at the C code of the ob_start() function and found this interesting bit of code inside php_sta...

   PHP,Memory,ob_start(),source,40kB     2011-12-08 10:20:32

  Understand diff in Unix

diff is an important tool program in Unix. It is used to compare differences of two files, it is the foundation for code version control. If you type : $ diff <file_before_change> <file_after_change> diff will tell you what's the difference between these two files. The result may not be so easy to understand, so now I will show you how to understand diff. 1. 3 formats of diff diff has 3 formats due to historic reasons. normal diff context diff unified diff 2. Demo files For easy d...

   diff,Unix,version control,git     2012-09-03 10:49:36

  Understand Virtual DOM

With the popularity of React, the internals and implementation of Virtual DOM has becoming top discussed topic in tech communities and interviews. This post will give an introduction of Virtual DOM and how to implement a simple Virtual DOM logic. How to understand Virtual DOM In early days, front end developers would update a webpage view based on the data status change(usually after making AJAX call). But it brings performance penalties when there is frequent update as it would cause page reflo...

   JAVASCRIPT,DOM,VIRTUAL DOM     2019-12-07 23:43:04

RECENT