Security Leftovers
Date: 2021-09-30
Local root vulnerability in PHP-FPM - itsfoss.net
A critical vulnerability, CVE-2021-21703, has been identified in PHP-FPM, the FastCGI process manager included in the main PHP distribution since branch 5.3, which allows an unprivileged hosting user to execute code as root. The problem manifests itself on servers that use PHP-FPM, usually in conjunction with Nginx, to run PHP scripts. The researchers who identified the problem were able to prepare a working prototype of the exploit.
The vulnerability is caused by storing pointers in a shared memory area (scoreboard) used to communicate between the child and parent PHP-FPM processes. The main PHP-FPM process that coordinates the work is started as root and spawns several child processes that run under an unprivileged user (usually www-data or nobody) and are directly involved in executing PHP scripts. The essence of the problem is that a child process controlled by the user can access the shared memory of the controlling process and change the pointers used in the main process (pointers to the nested structure fpm_scoreboard_proc_s are stored in the scoreboard structure).
Intel develops HTTPA to complement HTTPS [Ed: Intel makes back doors for the NSA, so you know this is just crock, like putting all the certificates in one place that's connected to NSA-connected tech firms]
Intel engineers have proposed a new protocol, HTTPA (HTTPS Attestable), extending HTTPS with additional guarantees of the security of the calculations performed. HTTPA helps ensure the integrity of the processing of the user’s request on the server and verify that the web service is trustworthy and that the code running in the server's TEE (Trusted Execution Environment) has not been changed as a result of hacking or sabotage by an administrator.
How to Fix the Blue Screen of Death - Invidious [Ed: "Delete Windows" is an easy fix]
Microsoft: Windows KB5006674, KB5006670 updates break printing
People of WordPress: Ronald Gijsel
For WordPress contributor Ronald Gijsel, open source is a lifeline and a perfect place for people with creative minds. It led him on a transformational journey from chef to WordPress e-commerce specialist. Originally from the Netherlands, where he trained in hospitality, he was to find a restorative and energizing power within the WordPress local and global community. Ten years ago, life took a sad turn for Ronald and his wife Nihan when their baby daughter passed away only a few days after she was born. At that time, Ronald was a restaurant owner in the UK, working hard in a challenging economic environment. Discovering open source was in many ways his lifeline and helped him and his wife through their considerable heartache. Through this community, a journey to understand the opportunities of the web and new career paths began.
Also: OpenVDB 9.0 Released With NanoVDB GPU Support - Phoronix
Sebastian Pölsterl: scikit-survival 0.16 released
I am proud to announce the release of version 0.16.0 of scikit-survival. The biggest improvement in this release is that you can now change the evaluation metric that is used in estimators’ score method. This is particularly useful for hyper-parameter optimization using scikit-learn’s GridSearchCV. You can now use as_concordance_index_ipcw_scorer, as_cumulative_dynamic_auc_scorer, or as_integrated_brier_score_scorer to adjust the score method to your needs. The example below illustrates how to use these in practice.
Stargate Is The Newest Open-Source Digital Audio Workstation
While Ardour is arguably the most well known open-source digital audio workstation (DAW) solution, there are also other offerings like Zrythm and others while now "Stargate" is the newest option available. Stargate is an open-source digital audio workstation with an aim to provide "everything you need to make music on a computer." The free software project aims for a "unique and carefully curated experience", function on older hardware while scaling to today's modern multi-core systems, provide robust stability, and work across the vast open-source/Linux ecosystem.
