We run the CA against a single database in order to minimize complexity. Minimizing complexity is good for security, reliability, and reducing maintenance burden. We have a number of replicas of the database active at any given time, and we direct some read operations to replica database servers to reduce load on the primary.
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
比較有趣的事情是,這個 bug 是小朋友在亂玩時拉出 virtual keyboard 觸發的:
A few weeks ago, my kids wanted to hack my linux desktop, so they typed and clicked everywhere, while I was standing behind them looking at them play... when the screensaver core dumped and they actually hacked their way in! wow, those little hackers...
然後他說他自己搞不出來:
I tried to recreate the crash on my own with no success, maybe because it required more than 4 little hands typing and using the mouse on the virtual keyboard.
另外一個人也說他家小朋友也弄出 segfault 了:
My kids came upon a similar cinnamon-screensaver segfault! I've emailed details of how to reproduce the problem to root@linuxmint.com.
Journalists should also be wary of publishing raw audio leaked from Zoom meetings, particularly if the source is not sure whether audio watermarking was enabled or not.
不過看了一下發現 support 期間還是很短,一般的 release 是三個月,ESR 也才九個月:
另外一個大問題是在行動平台上多帳號的支援,官方在「Mobile Apps FAQ」有提到這個問題,然後也有解釋技術上的問題,不過從 issue tracking system 可以看到官方對這個 feature 進展不怎麼快:
At the moment, we only support connecting to one server at a time; however, we are aware that this is one of the top feature requests for the mobile app. We are currently investigating some technical challenges, such as how to handle push notifications coming from multiple servers. To follow our progress on this feature, you can join the RN: Multi-Server channel on our community server.
~/.config/xfce4/terminal/accels.scm looked promising but my changes were undone after a restart, so I made it read-only but it turns out commenting out the relevant lines makes no difference anyway.
Syncthing is a popular peer-to-peer file sharing/synchronization software. It uses a web GUI which can be a little confusing for beginners. SyncTrayzor is an open source client that makes the P2P tool more user-friendly.
We also did some long-needed license cleanup and gave the license a name (Nmap Public Source License) to avoid the previous confusion of Nmap being under "GPLv2 with various clarifications and exceptions". The NPSL is still based on the GPLv2, but brings in terms from some other popular open source licenses. See https://nmap.org/npsl