CVE-2023-28755: ReDoS vulnerability in URI

We have released uri gem versions 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1, which include a security fix for a ReDoS vulnerability.
This vulnerability has been assigned the CVE identifier CVE-2023-28755.

Details

A ReDoS issue was discovered in the URI component. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects.

The uri gem versions 0.12.0, 0.11.0, 0.10.1, 0.10.0 and all versions prior to 0.10.0 are affected by this vulnerability.

Recommended action

We recommend updating the uri gem to 0.12.1. To stay compatible with the version bundled with older Ruby series, you may instead update as follows:

  • For Ruby 2.7: Update to uri 0.10.0.1
  • For Ruby 3.0: Update to uri 0.10.2
  • For Ruby 3.1: Update to uri 0.11.1
  • For Ruby 3.2: Update to uri 0.12.1

You can use gem update uri to update it. If you are using bundler, please add gem "uri", ">= 0.12.1" (or another version mentioned above) to your Gemfile.

Affected versions

  • uri gem 0.12.0
  • uri gem 0.11.0
  • uri gem 0.10.1
  • uri gem 0.10.0 or before
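As an added example (not part of the advisory or the uri gem itself), this Ruby script encodes the affected and fixed versions listed above and reports which release an installation should move to for its Ruby series. RUBY_VERSION and URI::VERSION are the interpreter's and the gem's own constants; the function names and the fallback to 0.12.1 for unlisted series are assumptions made here.

```ruby
# Fixed release per Ruby series, from "Recommended action" above.
FIXED_URI_BY_RUBY_SERIES = {
  "2.7" => "0.10.0.1",
  "3.0" => "0.10.2",
  "3.1" => "0.11.1",
  "3.2" => "0.12.1",
}.freeze

# Affected releases, from "Affected versions" above. Each entry is a separate
# requirement because Gem::Requirement ANDs its constraints, while the affected
# set is a union: every release up to 0.10.0 plus three specific later ones.
VULNERABLE_URI_REQUIREMENTS = [
  Gem::Requirement.new("<= 0.10.0"),
  Gem::Requirement.new("= 0.10.1"),
  Gem::Requirement.new("= 0.11.0"),
  Gem::Requirement.new("= 0.12.0"),
].freeze

# True when the given uri gem version string is in the affected list.
# Gem::Version orders 0.10.0 < 0.10.0.1 < 0.10.1, so the Ruby 2.7 backport
# release (0.10.0.1) is correctly treated as fixed.
def vulnerable_uri_version?(uri_version)
  v = Gem::Version.new(uri_version)
  VULNERABLE_URI_REQUIREMENTS.any? { |req| req.satisfied_by?(v) }
end

# Returns the uri release to update to for the given Ruby series (e.g. "3.1"),
# or nil when the installed version is not affected. Series not listed in the
# advisory fall back to 0.12.1, its general recommendation (assumption).
def recommended_uri_fix(uri_version, ruby_series)
  return nil unless vulnerable_uri_version?(uri_version)
  FIXED_URI_BY_RUBY_SERIES.fetch(ruby_series, "0.12.1")
end

# Inspect the running interpreter: RUBY_VERSION is e.g. "3.1.3" and the uri
# gem exposes its own version as URI::VERSION.
def check_running_environment
  require "uri"
  series = RUBY_VERSION.split(".").first(2).join(".")
  { ruby_series: series, uri_version: URI::VERSION,
    fix: recommended_uri_fix(URI::VERSION, series) }
end

if __FILE__ == $PROGRAM_NAME
  r = check_running_environment
  msg = r[:fix] ? "affected by CVE-2023-28755; update to uri #{r[:fix]}" : "not in the affected list"
  puts "uri #{r[:uri_version]} on Ruby #{r[:ruby_series]}: #{msg}"
end
```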

Credits

Thanks to Dominic Couture for discovering this issue.

History

  • Originally published at 2023-03-28 01:00:00 (UTC)
  • Affected versions updated at 2023-03-28 02:00:00 (UTC)

Posted by hsbt on 28 Mar 2023

Windows needs to stop showing tabloid news

Did you know that pigs eat humans “far more often than people expect?” If not, surely you must have heard the important, breaking news that a priest “died” in 2016, went to Hell briefly and returned to inform the rest of us that demons like to play Rihanna’s Umbrella song over and over again. If you aren’t aware of these important news stories then maybe you haven’t been spending enough time using Windows’ search box and widgets section, which at least for me, are filled to the brim with tabloid trash headlines. The stories come courtesy of Microsoft’s MSN content network, which syndicates content from hundreds of web publishers: some reputable, some less so. Full disclosure: Our parent company, Future Plc, has a syndication agreement with MSN and many of its sites, including Tom’s Hardware, occasionally have articles appear on the network. What’s problematic here, though, is not that MSN syndicates content but that it often pushes the equivalent of the Weekly World News table of contents right into the Windows operating system where it can be hard to avoid. Actions have consequences. If you choose to use Windows, you choose to get fed garbage all over your operating system in the form of ads and tabloid news.

Mah e Ramzan Aur Khawateen – Naimat e Iftar – Shan e Ramzan – 27th March 2023 – ARY Qtv

Naimat e Iftar – Mah e Ramzan Aur Khawateen – Shan e Ramzan

Topic: Islam Ka Falsafa e Ibadat

Host: Syeda Nida Naseem

Guest: Prof. Sadia Ansari, Imtiyaz Javed Khakvi, Sehar Azam

Subscribe Here: https://bit.ly/3dh3Yj1

#ShaneRamzan2023 #NaimateIftar #MaheRamzanAurKhawateen

Official Facebook: https://www.facebook.com/ARYQTV/
Official Website: https://aryqtv.tv/
Watch ARY Qtv Live: http://live.aryqtv.tv/
Programs Schedule: https://aryqtv.tv/schedule/
Islamic Information: https://bit.ly/2MfIF4P
Android App: https://bit.ly/33wgto4
iOS App: https://apple.co/2v3zoXW

Miami: Alcaraz and Sabalenka in control

The favourites at the Miami Masters 1000, Spain’s Carlos Alcaraz and Belarus’s Aryna Sabalenka, won comfortably on Sunday, while the American Taylor Fritz and the Dane Holger Rune booked their places and will meet in the round of 16.

How to Create a Blog in 2023 | Most Important Blogger Settings | Full Details in Telugu…

#saikumartechy #bloggingtutorial #howtostartablog

How to Create a Blog in 2023 | Most Important Blogger Settings | Full Details in Telugu | @SaikumarTechy

Hi, thanks for watching our video about How to Create a Blog in 2023
In this video we’ll walk you through:
Blog Creation Tips
Blogger settings explained
How to start a blog

Robots.txt File:
http://bit.ly/40yGKML

If you want any video, contact me and I will definitely make that video.

Check out our channel here:
https://www.youtube.com/@SaikumarTechy
Don’t forget to subscribe!

FIND US AT;
https://saikumartechy.com

Join Whatsapp Group For Your Doubts❓
https://chat.whatsapp.com/EkxKGhi1tlI…

FOLLOW US ON SOCIAL;
Get updates or reach out to Get updates on our Social Media Profiles!
☣️Twitter:
https://twitter.com/Saikumartechy

☣️Facebook: https://www.facebook.com/saikumartechy

☣️Instagram: https://www.instagram.com/saikumar_techy

☣️Telegram:
https://t.me/saikumartechy

☣️Share chat: https://b.sharechat.com/L6sgfRITDeb

☣️Website :- https://saikumartechy.com

DAILY JOB UPDATES
follow this website :-
https://bharatbadi.com

TOPICS COVERED:-
How to start a blog 2023
Blogging for beginners
Telugu blog creation guide
Best blogger settings to use
Telugu blog writing tips and tricks

#saikumartechy #saikumar #blogger
#howtostartablog #bloggingtutorial

For Any Copyrighted matters Contact us:
contact@saikumartechy.com

Disclaimer- Some contents are used for educational
purpose under fair use. Copyright Disclaimer Under
Section 107 of the Copyright Act 1976, allowance is
made for “fair use” for purposes such as criticism,
comment, news reporting, teaching, scholarship,
and research. Fair use is a use permitted by
copyright statute that might otherwise be infringing.
Non-profit, educational or personal use tips the
balance in favor of fair use.

:- Images used in this video thumbnail belongs to respected owners , not mine thanks to them.

NO COPYRIGHT INFRINGEMENT INTENDED

COPYRIGHT NOTICE:-
Please feel free to leave Me a notice if you find this upload inappropriate. Contact me personally if you are against an upload wish you may have rights to the music, instead of contacting YouTube about a copyright infringement.

FreeBSD 13.2-RC5 Available

The fifth RC build for the FreeBSD 13.2 release cycle is now available. ISO images for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64, and riscv64 architectures are available on the FreeBSD mirror sites.

a2ps @ Savannah: a2ps 4.15.3 released [stable]

GNU a2ps is an Any to PostScript filter.  Of course it processes plain
text files, but also pretty prints quite a few popular languages.

For more information, see https://www.gnu.org/software/a2ps/

This release is a minor bug-fix release; no pressing need to update unless
you’re affected by a bug it fixes (see the end of this message for details).

Here are the compressed sources and a GPG detached signature:
  https://ftpmirror.gnu.org/a2ps/a2ps-4.15.3.tar.gz
  https://ftpmirror.gnu.org/a2ps/a2ps-4.15.3.tar.gz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are the SHA1 and SHA256 checksums:

b2ae4016b789a198c50a2f1dc0fefc11bda18ebe  a2ps-4.15.3.tar.gz
0A6B4OtNy/LUlj2J4d8rtm9x5m1ztBUsQ8+YOOaq98c  a2ps-4.15.3.tar.gz

The SHA256 checksum is base64 encoded, instead of the
hexadecimal encoding that most checksum tools default to.

Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify a2ps-4.15.3.tar.gz.sig

The signature should match the fingerprint of the following key:

  pub   rsa2048 2013-12-11 [SC]
        2409 3F01 6FFE 8602 EF44  9BB8 4C8E F3DA 3FD3 7230
  uid   Reuben Thomas <rrt@sc3d.org>
  uid   keybase.io/rrt <rrt@keybase.io>

If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.

  gpg --locate-external-key rrt@sc3d.org

  gpg --recv-keys 4C8EF3DA3FD37230

  wget -q -O- 'https://savannah.gnu.org/project/release-gpgkeys.php?group=a2ps&download=1' | gpg --import -

As a last resort to find the key, you can try the official GNU
keyring:

  wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
  gpg --keyring gnu-keyring.gpg --verify a2ps-4.15.3.tar.gz.sig

This release was bootstrapped with the following tools:
  Autoconf 2.71
  Automake 1.16.5
  Gnulib v0.1-5892-g83006fa8c9

NEWS

* Noteworthy changes in release 4.15.3 (2023-03-26) [stable]
 * Bug fixes:
   - Fix fixps to use GhostScript's ps2write device instead of defunct
     pswrite.
 * Build:
   - Fix a problem building PDF version of manual.