
Andreas Roussos a-roussos

@thesamesam
thesamesam / xz-backdoor.md
Last active May 28, 2024 17:33
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is written in good faith and believed to be accurate, but like I just said, we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active May 27, 2024 18:05
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@oshliaer
oshliaer / .readme.md
Last active October 9, 2023 06:39 — forked from pilbot/ChunkyCache.gs
Using the Google Apps Script Cache Service for objects above 100Kb
@xeraa
xeraa / search_as_you_type
Created March 15, 2021 11:01
Elasticsearch's search_as_you_type and completion suggester fields in action
PUT jobs
{
  "mappings": {
    "properties": {
      "title": {
        "type": "search_as_you_type"
      }
    }
  }
}
@sindresorhus
sindresorhus / esm-package.md
Last active May 29, 2024 06:35
Pure ESM package


The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.

This means you have the following choices:

  1. Use ESM yourself. (preferred)
    Use import foo from 'foo' instead of const foo = require('foo') to import the package. You also need to put "type": "module" in your package.json and more. Follow the below guide.
  2. If the package is used in an async context, you could use await import(…) from CommonJS instead of require(…).
  3. Stay on the existing version of the package until you can move to ESM.
#!/bin/bash
set -x -v
for v in 10.1 10.2 10.3 10.4 10.5
do
#podman pull mariadb:$v
podman rm maria$v
#podman run -d --rm -e MYSQL_ROOT_PASSWORD=pass \
podman run -d --rm -e MYSQL_INITDB_SKIP_TZINFO=1 -e MYSQL_ROOT_PASSWORD=pass \
--expose 3306 \
--volume /home/dan/datadir/docker_library$v:/var/lib/mysql:Z \
@Kirill89
Kirill89 / Dockerfile
Last active March 6, 2023 10:27
Prototype Pollution security vulnerability in minimist
FROM ubuntu:18.04
COPY ./app /app
RUN chmod u+s /app
RUN useradd -s /bin/bash just-user
USER just-user
@zottelbeyer
zottelbeyer / setup.sh
Last active April 3, 2024 20:08
ipv6 on docker-pihole
# enable ipv6 in dockerd conf:
# cat /etc/docker/daemon.json
{
"ipv6": true,
"fixed-cidr-v6": "2003::/64" # your ipv6. not sure if this is even necessary
}
# reload daemon conf:
sudo systemctl reload docker.service
@danieldietrich
danieldietrich / README.md
Last active February 14, 2024 13:15
The easiest way to bundle a simple TypeScript web application

THIS README IS OUTDATED AND UNMAINTAINED - PLEASE DON'T RELY ON THIS


Packaging JavaScript applications can be a bit overwhelming. The popular project uglifyjs does not support ES6, the almighty Webpack is cumbersome to configure, and bundlers like Parcel and Microbundle still have bugs or do not compile to ESM bundles that work in a browser. It is hard to figure out the best way to bundle an application.

Here I give a small example, how we achieve the goal using the

@saniaky
saniaky / Readme.md
Last active April 23, 2024 00:42
Docker + nginx-proxy + let's encrypt + watchtower + fail2ban

Complete solution for websites hosting

This gist contains an example of how you can configure an nginx reverse proxy with automatic container discovery, SSL certificate generation (using Let's Encrypt) and auto updates.

Features:

  • Automatically detect new containers and reconfigure nginx reverse-proxy
  • Automatically generate/update SSL certificates for all specified containers.
  • Watch for new docker images and update them.
  • Ban bots and hackers who are trying to bruteforce your website or do anything suspicious.