On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that gives developers lossless compression. This package is commonly used for compressing release tarballs, software packages, kernel images, and initramfs images. It is very widely distributed, statistically your average Linux or macOS system will have it installed for
import requests | |
headers = {'Authorization': 'token <ahem>', 'Accept': ' application/vnd.github.inertia-preview+json'} | |
# e.g. from https://api.github.com/repos/jnm/cuddly-doodle/projects | |
get_url = 'https://api.github.com/projects/columns/2942196/cards' | |
# e.g. from https://api.github.com/orgs/kobotoolbox/projects | |
post_url = 'https://api.github.com/projects/columns/2942356/cards' |
{ | |
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", | |
"bomFormat": "CycloneDX", | |
"specVersion": "1.6", | |
"serialNumber": "urn:uuid:4a35c69e-6ec3-4c43-afc7-85e9f08a4608", | |
"version": 1, | |
"metadata": { | |
"component": { | |
"bom-ref": "58e5b27f-388c-42ef-aa19-bbc8f852467c", | |
"name": "httrace420 clone", |
NVD Program Announcement UPDATED - April, 25th 2024 | |
NIST maintains the National Vulnerability Database (NVD), a repository of | |
information on software and hardware flaws that can compromise computer security. | |
This is a key piece of the nation’s cybersecurity infrastructure. | |
There is a growing backlog of vulnerabilities submitted to the NVD and requiring | |
analysis. This is based on a variety of factors, including an increase in software | |
and, therefore, vulnerabilities, as well as a change in interagency support. |
0810 b' from ' | |
0678 b' ssh2' | |
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00' | |
0708 b'%s' | |
0108 b'/usr/sbin/sshd\x00' | |
0870 b'Accepted password for ' | |
01a0 b'Accepted publickey for ' | |
0c40 b'BN_bin2bn\x00' | |
06d0 b'BN_bn2bin\x00' | |
0958 b'BN_dup\x00' |
Redis Source Available License 2.0 (RSALv2) Agreement | |
Last Update: December 30, 2023 | |
Acceptance | |
This Agreement sets forth the terms and conditions on which the Licensor makes available the | |
Software. By installing, downloading, accessing, Using, or distributing any of the Software, You | |
agree to all of the terms and conditions of this Agreement. |
This document compiles 2018 coverage around post-modern packaging technologies for Linux, including packaging formats like Snaps and Flatpaks, systems like Nix and Guix and full distros such as Atomic or Clear Linux.
This curation and commentary are current as of 18 June 2018. The curation was prepared by José Miguel Parrella (@bureado) as part of his session at Open Source Summit Japan: Package Management and Distribution in a Cloud World.
We compile these resources in an effort to provide individual developers and organizations with current coverage on the state-of-the-art and motivations of the current post-modern packaging landscape with the intention to increase readiness in experimenting with, evaluating and potentially adopting said technologies.
#!/usr/bin/env python | |
"""Find the longest repeated substring. | |
"Efficient way to find longest duplicate string for Python (From Programming Pearls)" | |
http://stackoverflow.com/questions/13560037/ | |
The algorithm is based on "Prefix doubling". | |
The worst time complexity is O(n (log n)^2). Memory requirements are linear. | |
""" | |
import time |
Attribution-ShareAlike 1.0 | |
CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL | |
SERVICES. DISTRIBUTION OF THIS DRAFT LICENSE DOES NOT CREATE AN | |
ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON | |
AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE | |
INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM | |
ITS USE. |
import numpy as np | |
def xgb_quantile_eval(preds, dmatrix, quantile=0.2): | |
""" | |
Customized evaluational metric that equals | |
to quantile regression loss (also known as | |
pinball loss). | |
Quantile regression is regression that |