date 2012-02-01
Security Leftovers
WordPress 5.9.3 is now available!
This maintenance release features 9 bug fixes in Core and 10 bug fixes in the block editor.
WordPress 5.9.3 is a short-cycle maintenance release. The next major release will be version 6.0.
In January 2022, the European Parliament voted in favor of the Digital Services Act (DSA), a horizontal legislation for the EU’s digital single market that seeks to define platforms’ responsibility regarding user content. The draft law also contains several concrete provisions aimed at mitigating certain harms of online advertising, including imposing a ban on ‘dark patterns’ when getting consent from users (Article 13a), a behavior that recently led to the French DPA imposing fines of over $200 million on Facebook and Google. While the DSA seeks to promote a more free internet in numerous ways, this article focuses on its transparency mandates for content moderation decisions and the provisions mandating researcher access to data.
Reinforcing Open Source Security with SUSE and the new IBM z16

If the last two years have taught us anything, they’ve taught CIOs how to be resilient. Resiliency comes in the form of being agile and adaptable, having the right security, and being able to thrive in unforeseen circumstances.
Dirty Pipe is one of the most severe vulnerabilities to hit the Linux kernel in several years. The bug lets an unprivileged user overwrite data that is supposed to be read-only, an action that can lead to privilege escalation. The bug was nailed down on February 19, and for Linux flavors like Ubuntu, a patch was written and rolled out to end users in about 17 days. Android is based on Linux, so Google and Android manufacturers need to fix the bug, too.
The security world has been abuzz about a new Linux exploit called “Dirty Pipe,” which also affects Android 12 devices like Galaxy S22 and Pixel 6. Here’s everything you need to know about “Dirty Pipe,” which devices it affects, and how best to avoid it.
zlib has recently reported that it has a security issue when deflating which could cause memory corruption if the input has many distant matches. This is reported in a bit more detail here: https://github.com/madler/zlib/issues/605 and has been assigned the CVE id CVE-2018-25032. This has been fixed in an update to zlib 1.2.12.
Latest Showcases of Arduino Projects
Chickens, like most other livestock, require consistent care including access to fresh water, plenty of food, and space to roam around until sheltering throughout the night. For the hobbyist farmers who run the YouTube channel East x West Farms, they needed a simple way to automatically regulate their chicken coop without having to constantly visit it in person, especially while away doing other things during the day. In response, they created a chicken coop controller that is able to reduce the amount of direct care required.
The typical piano consists of an array of keys that, when struck by a finger, cause a note to play either from a digital circuit or a vibrating string. But to change this design up a bit and introduce some additional fun, a team of students from the Marie Noel college in Joigny, France set out to create a larger version that could be played using feet instead of hands just like Tom Hanks in the 1988 classic film “Big.”
The aptly named Arduipiano is based around an Arduino Mega 2560 owing to its large number of GPIO pins. After cutting out piano “keys” from large sheets of aluminum foil, each piece was glued to a cardboard base and wired to the Mega via a single 4.7Mohm resistor on each receive pin. Pin 2 acts as the capacitive send pin, which lets the microcontroller measure the change in capacitance for every key in order to determine if it is currently being touched. At the end of each iteration of the main loop, all of the pressed keys are converted to notes and sent through a serial port to a MIDI receiver.
After coming to the conclusion that the traditional analog clock just isn’t enough and the digital clock is too boring, Hans Andersson decided to make his own version that integrates both RGB LEDs and fiber optics to show the current time in a far more entertaining manner. Rather than moving a set of three hands around in a circle or toggling a bunch of digits, the “O-Clock” lights up a series of 60 slits in a hollow ring in red, green, and blue, as well as many other colors, to indicate the hour, minute, and second.
IBM/Red Hat/Fedora Leftovers
Apache Kafka is a distributed, open source messaging technology. It's all the rage these days, and with good reason: It's used to accept, record, and publish messages at a very large scale, in excess of a million messages per second. Kafka is fast, it's big, and it's highly reliable. You can think of Kafka as a giant logging mechanism on steroids.
The ongoing quest for greater and greater automation of building, testing, and deployment has recently inspired several new features in Argo CD, Kubernetes, Red Hat OpenShift, and other tools. This article shows how to improve feature testing by automating builds and the creation of Kubernetes environments.
Red Hat OpenShift GitOps includes an opinionated deployment of Argo CD that provides a way to manage continuous development or delivery cluster-wide, or even in a multi-tenant cluster configuration. This Operator also provides many toolsets that can help you fit your GitOps workflows into your CI/CD (continuous integration/continuous delivery) processes. One of these tools is called ApplicationSets.
ApplicationSets mass-produces Argo CD applications and deploys them onto a cluster or multiple clusters. ApplicationSets accomplishes this task by using generators. Generators vary from use case to use case and depend on things like the Git repository structure, configuration files, key/value lists, and cluster names.
Don't stand out for the wrong reasons. To showcase your ability to handle responsibility and become a trusted partner to the CIO, avoid these five mistakes.
How you approach your job matters, and CIOs are looking for people who promote a spirit of collaboration and teamwork within IT. Equally important is building a positive reputation within the business as someone who takes a solution-oriented approach.
On the flip side, here are five characteristics that will make you stand out to your CIO – for the wrong reasons.
Release Candidate versions are available in the testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, the perfect solution for such tests, and also as base packages.
The kernel team is working on final integration for Linux kernel 5.17. This version was just recently released, and will arrive soon in Fedora. As a result, the Fedora kernel and QA teams have organized a test week now through Sunday, April 10, 2022. Refer to the wiki page for links to the test images you’ll need to participate. Read below for details.
All system admins should be lazy. Not as in not doing their job, but as in doing it as efficiently as possible. Why do you have to do things manually when you can automate them? The more complicated a task, the more reason for automation.
Identity Management is an application that makes sense to automate when rolling it out. Red Hat Identity Management (IdM) is fairly easy to install, but the larger your environment, the more machines you need. In a typical datacenter you would probably have an intranet and a DMZ, and you would probably have your servers divided into development and production. The people that should access your servers will probably be divided up into groups as well, consisting of database, web and application administrators. Not to mention your system admins that need access to everything.
I recorded a ~20-minute video tutorial demonstrating how to work with mesh gradients in Inkscape, importing them into Scribus and producing print-ready CMYK artwork. You can watch it above embedded from YouTube or on my personal LinuxRocks PeerTube channel.
Shaarli is a free open-source, self-hosted bookmarking solution
If you are an active internet user, or on a self-education path, surely you collect dozens of links and web pages every day. You most likely need software to collect, record, and organize your links. So, here we introduce you to Shaarli.
