Tux Machines

Programming Leftovers

Posted by Roy Schestowitz on Nov 22, 2024

=> Khronos Group takes over cross-platform Slang shading language from NVIDIA | Security and Windows TCO Leftovers

Security Week ☛ MITRE Updates List of 25 Most Dangerous Software Vulnerabilities

=> ↺ MITRE Updates List of 25 Most Dangerous Software Vulnerabilities

Cross-site scripting (XSS) vulnerabilities are at the top of this year’s CWE Top 25 list, up from the second position last year, with out-of-bounds write flaws dropping to the second place.

While SQL injection bugs have remained on the third position, cross-site request forgery (CSRF), path traversal, and out-of-bounds read defects went up by five, three, and one place, respectively, displacing OS command injection and use-after-free issues.

Karl Seguin ☛ One method declaration; two Zig annoyances

=> ↺ One method declaration; two Zig annoyances

In the following code, we create a Post structure with a skeleton format method. Despite being pretty comfortable with Zig, I could stare at this code for hours and not realize that it has two issues.

PHP: PHP 8.4[.1] Release Announcement

=> ↺ PHP: PHP 8.4[.1] Release Announcement

LWN ☛ PHP 8.4.1 released

=> ↺ PHP 8.4.1 released

Version

8.4.1 of the PHP language has been released. See this page for details on

the new features in this release. "PHP 8.4 is a major update of the PHP

language. It contains many new features, such as property hooks,

asymmetric visibility, an updated DOM Hey Hi (AI) performance improvements, bug

fixes, and general cleanup."

Python

The New Stack ☛ How To Convert a Timestamp to a String in Python

=> ↺ How To Convert a Timestamp to a String in Python

Timestamps are incredibly useful in programming. Instead of having to hard-code dates, you can instead opt to go with timestamps

TecMint ☛ 10 Best Python Libraries Every Data Analyst Should Learn

=> ↺ 10 Best Python Libraries Every Data Analyst Should Learn

Whether you’re just starting as a data analyst or are looking to expand your toolkit, knowing the right Python libraries can significantly enhance your productivity in Python.

Didier Stevens ☛ Interfacing With A Cheap Geiger Counter | Didier Stevens

=> ↺ Interfacing With A Cheap Geiger Counter | Didier Stevens

This picture was taken on an airplane: you have more radiation (cosmic rays) at high altitude.

I figured out how to interface with this counter in Python to log real time data: [...]

Raspberry Pi ☛ Using Python with virtual environments | The MagPi #148

=> ↺ Using Python with virtual environments | The MagPi #148

Raspberry Pi OS comes with Python 3 pre-installed. Interfering with the system Python installation can cause problems for your operating system. When you install third-party Python libraries, always use the correct package-management tools.

On Linux, you can install python dependencies in two ways: [...]

Shell/Bash/Zsh/Ksh

William Woodruff ☛ TIL: Some surprising code execution sources in bash

=> ↺ TIL: Some surprising code execution sources in bash

I ran across two surprising sources of code execution in bash (and probably other shells) recently.

In a historic context these probably weren't too serious of a problem, but in the context of CI systems where everything is a rats' nest of shell and YAML they could be useful execution primitives.

=> gemini.tuxmachines.org