Daily Archives

Articles indexed Wednesday April 4 2012

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 16/19 | < Previous Page | 12 13 14 15 16 17 18 19  | Next Page >

  • CVE-2011-4619 Denial of Service (DoS) vulnerability in OpenSSL

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4619 Denial of Service (DoS) vulnerability 5.0 OpenSSL Solaris 10 SPARC: 147707-03 X86: 146672-04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-4576 Information Disclosure vulnerability in OpenSSL

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4576 Information Disclosure vulnerability 5.0 OpenSSL Solaris 10 SPARC: 147707-03 X86: 146672-04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2012-0050 Denial of Service (DoS) vulnerability in OpenSSL

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0050 Denial of Service (DoS) vulnerability 5.0 OpenSSL Solaris 11 11/11 SRU 4a This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Multiple vulnerabilities in OpenSSL

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4108 Cryptographic Issues vulnerability 4.3 OpenSSL Solaris 11 11/11 SRU 4a CVE-2011-4109 Unspecified vulnerability 9.3 CVE-2011-4576 Information Disclosure vulnerability 5.0 CVE-2011-4577 Denial of Service (DoS) vulnerability 4.3 CVE-2011-4619 Denial of Service (DoS) vulnerability 5.0 CVE-2012-0027 Denial of Service (DoS) vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Multiple Vulnerabilities in Thunderbird

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3648 Cross-site scripting (XSS) vulnerability 4.3 Thunderbird Solaris 11 11/11 SRU 04 CVE-2011-3650 Denial of Service(DoS) vulnerability 9.3 CVE-2011-3651 Denial of Service(DoS) vulnerability 10.0 CVE-2011-3652 Denial of Service(DoS) vulnerability 10.0 CVE-2011-3654 Denial of Service(DoS) vulnerability 10.0 CVE-2011-3655 Access Control vulnerability 9.3 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-3375 Information Disclosure vulnerability in Apache Tomcat

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3375 Information Exposure vulnerability 5.0 Apache Tomcat Solaris 11 11/11 SRU 04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Multiple Denial of Service vulnerabilities in Wireshark

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0041 Denial of Service(DoS) vulnerability 1.9 Wireshark Solaris 11 11/11 SRU 04 CVE-2012-0042 Denial of Service(DoS) vulnerability 2.9 CVE-2012-0043 Buffer Overflow vulnerability 5.4 CVE-2012-0066 Denial of Service(DoS) vulnerability 1.9 CVE-2012-0067 Denial of Service(DoS) vulnerability 1.9 CVE-2012-0068 Buffer Overflow vulnerability 4.4 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-4539 Denial of Service vulnerability in ISC DHCP

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4539 Denial of Service vulnerability 5.0 ISC DHCP Solaris 11 11/11 SRU 04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-3389 Vulnerability in NSS library affects Oracle iPlanet Web Proxy Server

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-3389 Unauthorized information disclosure vulnerability 4.3 NSS Oracle iPlanet Web Proxy Server 4.0 SPARC: 145604-04 X86: 145606-04 Linux: 145605-04 Windows: 145607-04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-4862 Buffer Overflow vulnerability in Telnet

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4862 Buffer Overflow vulnerability 7.5 Telnet Solaris 10 SPARC: 148657-01 X86: 148658-01 Solaris 11 11/11 SRU 04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • John Hitchcock of Pace Describes the Oracle Agile PLM Customer Experience

    John Hitchcock, Senior Manager of Configuration Management at Pace (formerly 2Wire, Inc.), sat down for an interview during Oracle's Innovation Summit with Kerrie Foy, Manager of PLM Product Marketing at Oracle. Learn why his organization upgraded to the latest version of Agile and expanded the footprint to achieve impressive savings and productivity gains across the global, networked product value-chain.

    Read the article

  • How to Get Information About Your Backups

    When you need to restore but aren't 100% sure about the contents of your backup files, what do you do? Head to the headers. Grant Fritchey explains how to find the useful bits in these huge stores of information and make sure you restore the right files. New! SQL Monitor 3.0 Red Gate's multi-server performance monitoring and alerting tool gets results from Day One.Simple to install and easy to use – download a free trial today.

    Read the article

  • Find Customers Who Bought "A" and "B" But Not "C" (SQL Spackle)

    A simple problem that can become complex in T-SQL. How do you find the rows that match 2 conditions, but not a third, in an efficient manner. MVP Jeff Moden gives us a solution. What are your servers really trying to tell you? Find out with new SQL Monitor 3.0, an easy-to-use tool built for no-nonsense database professionals.For effortless insights into SQL Server, download a free trial today.

    Read the article

  • Follow-up Answers for my Australia Classes

    - by Kalen Delaney
    I was out of the country for the last two weeks of March, delivering classes in Brisbane and Sydney, which were organized by WardyIT . It was a great visit and there were 24 terrific students! As is sometimes (perhaps often?) the case, there were questions posed that I couldn’t answer during class, so here are a couple of follow-up answers. 1. I brought up the fact that SQLS 2012 generates a warning message when there are ‘too many’ Virtual Log Files (VLFs) in a database. (It turns out the message...(read more)

    Read the article

  • Slides and demo code for Columnstore Index session

    - by Hugo Kornelis
    Almost a week has passed after SQLBits X in London , so I guess it’s about time for me to share the slides and demo code of my session on columnstore indexes. After all, I promised people I would do that – especially when I found out that I had enough demos prepared to fill two sessions! I made some changes to the demo code. I added extra comments, not only to the demos I could not explain and run during the session, but also to the rest, so that people who missed the session will also be able to...(read more)

    Read the article

  • Poor Man’s PowerShell TFS SSMS Integration

    - by merrillaldrich
    This is lame. Still, here goes: I need, increasingly, to author both PowerShell and SQL Server scripts, bundle them into a solution and store that in TFS. Usually the PowerShell scripts are very closely related to SQL Server, and have a lot of SQL in them. I am hopeful that 2012 SSDT, or the tighter integration of SSMS and Visual Studio in 2012, might help put all of this in one place, but for now I am stuck in SSMS 2008 R2. So here are my blunt attempts to marry these activities. (This post is rather...(read more)

    Read the article

  • What's a good algorithm for a random, uneven distribution of a fixed amount of a resource?

    - by NickC
    Problem I have X, a positive integer, of some resource, R. There are N potential targets. I want to distribute all of R to the N targets in some "interesting" way. "Interesting" means: Some targets may not get any R. It should rarely be near even (with a majority of target getting near X/N of the resource). There should be at least a small chance of one target getting all of R. Bad solutions The naive approach would be to pick a random target and give one R to it and repeat X times. This would result in too even of an approach. The next idea is to pick a random number between 1 and X and give it to a random target. This results in too large of a number (at least X/2 on average) being given to one target. Question This algorithm will be used frequently and I want the distribution to be interesting and uneven so that the surprise doesn't wear off for users. Is there a good algorithm for something in between these two approaches, that fits the definition of interesting above?

    Read the article

  • Is it normal to think about a design problem for days with no code written? [closed]

    - by Kim Jong Woo
    Sometimes I stare blankly into space or sketch ideas and write some pseudo codes on paper. Then I scratch it out and start again, then when I think I have the correct solution for the problem I begin writing the code. Is it normal to think for days without writing any code? Is this a sign that I am approaching the problem entirely wrong? It makes me nervous to not getting any tangible code written in my IDE.

    Read the article

  • excel vba to CRUD drupal nodes

    - by Kirk Hings
    We need to periodically migrate Excel reports data into Drupal nodes. We looked at replicating some Excel functionality in Drupal with slickgrid, but it wasn't up to snuff. The Excel reports people don't want to double-enter their data, but their data is important to be in this Drupal site. They have hundreds of Excel reports, and update a row in each weekly. We want a button at the row end to fire a VBA macro that submits the data to Drupal, where a new node is created from the info submitted. (Yes, we are experienced with both Drupal and VBA; all users and the site are behind our firewall.) We need the new node's nid or URL returned so we can then create a link in Excel directly to that node Site is D6, using Services 3.x module. I tried the REST server module, but we can't get it to retrieve data without session authentication on, which we can't do from Excel. (unless you can?) I also noticed the 'data' it was returning via browser url was 14 or 20 nodes' info, not the one nid requested (Example: http://mysite.com/services/rest/report/node/30161) When I attempt to create a simple node like this from VBA: Dim MyURL as String MyURL = "http://mysite.com/services/rest/report/node?node[type]=test&node[title]=testing123&node[field_test_one][0][value]=123" Set objHTTP = CreateObject("MSXML2.ServerXMLHTTP") With objHTTP .Open "POST", MyURL, False .setRequestHeader "Content-Type", "application/x-www-form-urlencoded" .send (MyURL) End With I get HTTP Status: Unauthorized: Access denied for user 0 "anonymous" and HTTP Response: null Everything I search for has examples in php or java, nothing in VBA. Also tried switching to using an XMLRPC server but that's even more confusing. We would like json (used application/json, set formatter accordingly in REST server settings), but will use anything that works. Ideas? Thanks in advance!

    Read the article

  • Books or guides regarding secure key storage and database encryption

    - by Matty
    I have an idea for a SaaS product I want to create, however, this product will store extremely sensitive data that needs to be encrypted at rest. The trouble is not so much the encryption, but the problem of securely storing the keys so that in the event the server was somehow compromised, the keys couldn't just be recovered and used to decrypt the database. Are there any decent books to guides regarding database encryption, and in particular secure key storage? This seems to be a less than straightforward topic and something that is difficult to get right. I'm seeing multiple ways to attack such a system, but unable to come up with one that is secure enough to store highly confidential information.

    Read the article

  • Why are interfaces useful?

    - by Pankaj Upadhyay
    I have been studying and coding in C# for some time now. But still, I can't figure the usefulness of Interfaces. They bring too little to the table. Other than providing the signatures of function, they do nothing. If I can remember the names and signature of the functions which are needed to be implemented, there is no need for them. They are there just to make sure that the said functions(in the interface) are implemented in the inheriting class. C# is a great language, but sometimes it gives you the feeling that first Microsoft creates the problem (not allowing multiple inheritance) and then provides the solution, which is rather a tedious one. That's my understanding which is based on limited coding experience. What's your take on interfaces? How often you make uses of them and what makes you do so?

    Read the article

  • Is the Leptonica implementation of 'Modified Median Cut' not using the median at all?

    - by TheCodeJunkie
    I'm playing around a bit with image processing and decided to read up on how color quantization worked and after a bit of reading I found the Modified Median Cut Quantization algorithm. I've been reading the code of the C implementation in Leptonica library and came across something I thought was a bit odd. Now I want to stress that I am far from an expert in this area, not am I a math-head, so I am predicting that this all comes down to me not understanding all of it and not that the implementation of the algorithm is wrong at all. The algorithm states that the vbox should be split along the lagest axis and that it should be split using the following logic The largest axis is divided by locating the bin with the median pixel (by population), selecting the longer side, and dividing in the center of that side. We could have simply put the bin with the median pixel in the shorter side, but in the early stages of subdivision, this tends to put low density clusters (that are not considered in the subdivision) in the same vbox as part of a high density cluster that will outvote it in median vbox color, even with future median-based subdivisions. The algorithm used here is particularly important in early subdivisions, and 3is useful for giving visible but low population color clusters their own vbox. This has little effect on the subdivision of high density clusters, which ultimately will have roughly equal population in their vboxes. For the sake of the argument, let's assume that we have a vbox that we are in the process of splitting and that the red axis is the largest. In the Leptonica algorithm, on line 01297, the code appears to do the following Iterate over all the possible green and blue variations of the red color For each iteration it adds to the total number of pixels (population) it's found along the red axis For each red color it sum up the population of the current red and the previous ones, thus storing an accumulated value, for each red note: when I say 'red' I mean each point along the axis that is covered by the iteration, the actual color may not be red but contains a certain amount of red So for the sake of illustration, assume we have 9 "bins" along the red axis and that they have the following populations 4 8 20 16 1 9 12 8 8 After the iteration of all red bins, the partialsum array will contain the following count for the bins mentioned above 4 12 32 48 49 58 70 78 86 And total would have a value of 86 Once that's done it's time to perform the actual median cut and for the red axis this is performed on line 01346 It iterates over bins and check they accumulated sum. And here's the part that throws me of from the description of the algorithm. It looks for the first bin that has a value that is greater than total/2 Wouldn't total/2 mean that it is looking for a bin that has a value that is greater than the average value and not the median ? The median for the above bins would be 49 The use of 43 or 49 could potentially have a huge impact on how the boxes are split, even though the algorithm then proceeds by moving to the center of the larger side of where the matched value was.. Another thing that puzzles me a bit is that the paper specified that the bin with the median value should be located, but does not mention how to proceed if there are an even number of bins.. the median would be the result of (a+b)/2 and it's not guaranteed that any of the bins contains that population count. So this is what makes me thing that there are some approximations going on that are negligible because of how the split actually takes part at the center of the larger side of the selected bin. Sorry if it got a bit long winded, but I wanted to be as thoroughas I could because it's been driving me nuts for a couple of days now ;)

    Read the article

  • What to answer to a customer who asks which one of two equivalent technologies must be used?

    - by MainMa
    As a freelancer, I am often asked by my customers what they must choose between similar elements, neither of which being better than another. Examples: “Do I need my e-commerce website be in PHP or ASP.NET?” “Do I need to host this ordinary web service in Cloud or use an ordinary hosting service?” “Which one is better for my new website: MySQL or Oracle?” etc. There is maybe at most 1% of cases where the choice is relevant, and there is a real, objective reason to use one over another, based on the precise metrics and studies. In all other cases, it doesn't matter at all. It is totally, completely irrelevant, either because there are no implications¹, or because those implications are too small to be taken in account², or, finally, because it's impossible to predict those implications³. If you know one thing and not another one, the answer to those questions is easy: “You can either write the application in C# or Java, both being probably equivalent in your case. Note that I'm a C# developer, so if you choose Java, I would not be able to work on your project and you would need to find another freelancer.” When you know both technologies, you can't answer that. In this case, how to explain to the customer that the question he asks is subject to flamewar and has no real consequences on his project? In other words, how to explain that you've chosen to use one technology rather than an equivalent one for the reasons related to human resources, without giving the impression to be unprofessional or to not care about the project? ¹ Example: Is MySQL better (worse?), performance-wise, compared to Oracle, for a personal website which will be accessed by, oh, let's be optimistic, two people per day? ² Example: for a given project, I was asked to asset if Windows Azure hosting would be cheaper than the hosting of the same application on a well-known ASP.NET hosting provider. The cost revealed to be exactly the same. ³ Example: your customer have an idea of a future application (the idea itself being extremely vague). There is no business plan, no requirements, nothing at all. Just an idea. You are asked if Java is better than C# for this app. What do you answer?

    Read the article

  • As a tooling/automation developer, can I be making better use of OOP?

    - by Tom Pickles
    My time as a developer (~8 yrs) has been spent creating tooling/automation of one sort or another. The tools I develop usually interface with one or more API's. These API's could be win32, WMI, VMWare, a help-desk application, LDAP, you get the picture. The apps I develop could be just to pull back data and store/report. It could be to provision groups of VM's to create live like mock environments, update a trouble ticket etc. I've been developing in .Net and I'm currently reading into design patterns and trying to think about how I can improve my skills to make better use of and increase my understanding of OOP. For example, I've never used an interface of my own making in anger (which is probably not a good thing), because I honestly cannot identify where using one would benefit later on when modifying my code. My classes are usually very specific and I don't create similar classes with similar properties/methods which could use a common interface (like perhaps a car dealership or shop application might). I generally use an n-tier approach to my apps, having a presentation layer, a business logic/manager layer which interfaces with layer(s) that make calls to the API's I'm working with. My business entities are always just method-less container objects, which I populate with data and pass back and forth between my API interfacing layer using static methods to proxy/validate between the front and the back end. My code by nature of my work, has few common components, at least from what I can see. So I'm struggling to see how I can better make use of OOP design and perhaps reusable patterns. Am I right to be concerned that I could be being smarter about how I work, or is what I'm doing now right for my line of work? Or, am I missing something fundamental in OOP? EDIT: Here is some basic code to show how my mgr and api facing layers work. I use static classes as they do not persist any data, only facilitate moving it between layers. public static class MgrClass { public static bool PowerOnVM(string VMName) { // Perform logic to validate or apply biz logic // call APIClass to do the work return APIClass.PowerOnVM(VMName); } } public static class APIClass { public static bool PowerOnVM(string VMName) { // Calls to 3rd party API to power on a virtual machine // returns true or false if was successful for example } }

    Read the article

  • "// ..." comments at end of code block after } - good or bad?

    - by gablin
    I've often seen such comments be used: function foo() { ... } // foo while (...) { ... } // while if (...) { ... } // if and sometimes even as far as if (condition) { ... } // if (condition) I've never understood this practice and thus never applied it. If your code is so long that you need to know what this ending } is then perhaps you should consider splitting it up into separate functions. Also, most developers tools are able to jump to the matching bracket. And finally the last is, for me, a clear violation to the DRY principle; if you change the condition you would have to remember to change the comment as well (or else it could get messy for the maintainer, or even for you). So why do people use this? Should we use it, or is it bad practice?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 12 13 14 15 16 17 18 19  | Next Page >