This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that
| /* The world's smallest Brainfuck interpreter in C, by Kang Seonghoon | |
| * http://j.mearie.org/post/1181041789/brainfuck-interpreter-in-2-lines-of-c */ | |
| s[99],*r=s,*d,c;main(a,b){char*v=1[d=b];for(;c=*v++%93;)for(b=c&2,b=c%7?a&&(c&17 | |
| ?c&1?(*r+=b-1):(r+=b-1):syscall(4-!b,b,r,1),0):v;b&&c|a**r;v=d)main(!c,&a);d=v;} |
${...} is the property placeholder syntax. It can only be used to dereference properties.
#{...} is SpEL syntax, which is far more capable and complex. It can also handle property placeholders, and a lot more besides.
Both are valid, and neither is deprecated.
| # https://stackoverflow.com/questions/6543519/undoing-accidental-git-stash-pop | |
| # https://stackoverflow.com/questions/89332/how-to-recover-a-dropped-stash-in-git | |
| accepted | |
| If you have only just popped it and the terminal is still open, you will still have the hash value printed by git stash pop on screen (thanks, Dolda). | |
| Otherwise, you can find it using this for Linux and Unix: | |
| git fsck --no-reflog | awk '/dangling commit/ {print $3}' | |
| and for Windows: |
It happens that there are many standards for storing cryptography materials (key, certificate, ...) and it isn't always obvious to know which standard is used by just looking at file name extension or file content. There are bunch of questions on stackoverflow asking about how to convert from PEM to PKCS#8 or PKCS#12, while many tried to answer the questions, those answers may not help because the correct answer depends on the content inside the PEM file. That is, a PEM file can contain many different things, such as an X509 certificate, a PKCS#1 or PKCS#8 private key. The worst-case scenario is that someone just store a non-PEM content in "something.pem" file.
| ;;; Startup | |
| ;;; PACKAGE LIST | |
| (setq package-archives | |
| '(("melpa" . "https://melpa.org/packages/") | |
| ("elpa" . "https://elpa.gnu.org/packages/"))) | |
| ;;; BOOTSTRAP USE-PACKAGE | |
| (package-initialize) | |
| (setq use-package-always-ensure t) | |
| (unless (package-installed-p 'use-package) |
It happens that there are many standards for storing cryptography materials (key, certificate, ...) and it isn't always obvious to know which standard is used by just looking at file name extension or file content. There are bunch of questions on stackoverflow asking about how to convert from PEM to PKCS#8 or PKCS#12, while many tried to answer the questions, those answers may not help because the correct answer depends on the content inside the PEM file. That is, a PEM file can contain many different things, such as an X509 certificate, a PKCS#1 or PKCS#8 private key. The worst-case scenario is that someone just store a non-PEM content in "something.pem" file.
| public interface Debuggable { | |
| default String debug() { | |
| StringBuilder sb = new StringBuilder(this.getClass().getName()); | |
| sb.append(" [ "); | |
| Field[] fields = this.getClass().getDeclaredFields(); | |
| for(Field f: fields) { | |
| f.setAccessible(true); | |
| try { | |
| sb.append(f.getName() + " = " + f.get(this)); | |
| sb.append(", "); |
Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
| ;;; Startup | |
| ;;; PACKAGE LIST | |
| (setq package-archives | |
| '(("melpa" . "https://melpa.org/packages/") | |
| ("elpa" . "https://elpa.gnu.org/packages/"))) | |
| ;;; BOOTSTRAP USE-PACKAGE | |
| (package-initialize) | |
| (setq use-package-always-ensure t) | |
| (unless (package-installed-p 'use-package) |
