On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that gives developers lossless compression. This package is commonly used for compressing release tarballs, software packages, kernel images, and initramfs images. It is very widely distributed, statistically your average Linux or macOS system will have it installed for
Philippe Ombredanne pombredanne
pombredanne
/ hashes.txt
Created
April 3, 2024 09:16
— forked from q3k/hashes.txt
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0810 b' from ' | |
| 0678 b' ssh2' | |
| 00d8 b'%.48s:%.48s():%d (pid=%ld)\x00' | |
| 0708 b'%s' | |
| 0108 b'/usr/sbin/sshd\x00' | |
| 0870 b'Accepted password for ' | |
| 01a0 b'Accepted publickey for ' | |
| 0c40 b'BN_bin2bn\x00' | |
| 06d0 b'BN_bn2bin\x00' | |
| 0958 b'BN_dup\x00' |
pombredanne
/ xz-backdoor.md
Created
March 30, 2024 15:44
— forked from thesamesam/xz-backdoor.md
xz-utils backdoor situation
pombredanne
/ packaging-resources.md
Created
March 4, 2024 16:26
— forked from bureado/packaging-resources.md
Post-modern Linux packaging: additional reading
This document compiles 2018 coverage around post-modern packaging technologies for Linux, including packaging formats like Snaps and Flatpaks, systems like Nix and Guix and full distros such as Atomic or Clear Linux.
This curation and commentary are current as of 18 June 2018. The curation was prepared by José Miguel Parrella (@bureado) as part of his session at Open Source Summit Japan: Package Management and Distribution in a Cloud World.
We compile these resources in an effort to provide individual developers and organizations with current coverage on the state-of-the-art and motivations of the current post-modern packaging landscape with the intention to increase readiness in experimenting with, evaluating and potentially adopting said technologies.
pombredanne
/ xgb_quantile_loss.py
Created
May 29, 2023 20:21
— forked from Nikolay-Lysenko/xgb_quantile_loss.py
Customized loss function for quantile regression with XGBoost
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import numpy as np | |
| def xgb_quantile_eval(preds, dmatrix, quantile=0.2): | |
| """ | |
| Customized evaluational metric that equals | |
| to quantile regression loss (also known as | |
| pinball loss). | |
| Quantile regression is regression that |
pombredanne
/ Programming_Languages_Extensions.json
Created
November 3, 2022 12:18
— forked from ppisarczyk/Programming_Languages_Extensions.json
Programming Languages and their File Extensions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "name":"ABAP", | |
| "type":"programming", | |
| "extensions":[ | |
| ".abap" | |
| ] | |
| }, | |
| { | |
| "name":"AGS Script", |
pombredanne
/ c_sharp_for_python.md
Last active
July 23, 2022 13:22
— forked from mrkline/c_sharp_for_python.md
An intro to C# for a Python developer. Made for one of my coworkers.
-
Single-line comments are started with
//. Multi-line comments are started with/*and ended with*/. -
C# uses braces (
{and}) instead of indentation to organize code into blocks. If a block is a single line, the braces can be omitted. For example,
pombredanne
/ waybackrobots.py
Created
May 11, 2022 09:22
— forked from mhmdiaa/waybackrobots.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import re | |
| import sys | |
| from multiprocessing.dummy import Pool | |
| def robots(host): | |
| r = requests.get( | |
| 'https://web.archive.org/cdx/search/cdx\ | |
| ?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host) |
pombredanne
/ waybackurls.py
Created
May 11, 2022 09:22
— forked from mhmdiaa/waybackurls.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import json | |
| def waybackurls(host, with_subs): | |
| if with_subs: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
| else: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
pombredanne
/ gist:773c73330b777400e57d719a8ad9dd09
Created
March 2, 2022 17:08
— forked from PatteSI/gist:5904f4bdfb149dc1ce8c73da53e2f6ae
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| file = 'evaluated-model-things.json' | |
| # list all license references here that frequently cause false positives | |
| scanRefLicencesList = [ | |
| 'LicenseRef-scancode-unknown-license-reference', | |
| 'LicenseRef-scancode-free-unknown', | |
| 'LicenseRef-scancode-proprietary-license', | |
| 'LicenseRef-scancode-generic-export-compliance', | |
| 'LicenseRef-scancode-generic-cla', |
pombredanne
/ fastio.py
Created
February 5, 2022 14:17
— forked from satra/fastio.py
Multithreaded Python os.walk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2016 The TensorFlow Authors. All Rights Reserved. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, |
NewerOlder