Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability.
@BleepingComputer CVE-2023-46604 (CVSS: 10.0 critical severity, disclosed 26 October 2023 by Apache)
Apache ActiveMQ is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
The Netherlands' National Cyber Security Centrum (NCSC) states that a Proof of Concept has been published publicly, and that they received a report from a trusted partner that the vulnerability has been actively and specifically exploited. https://advisories.ncsc.nl/advisory?id=NCSC-2023-0561
#Linguistics experts are turning to cutting-edge technologies to revitalize threatened #NativeAmerican languages — and rejuvenate generations of indigenous tradition — through new approaches such as children’s books and smartphone apps | Taipei Times
@nixCraft Please use mod_perl only if you want to control the #Apache frontend #httpd in fancy ways, e.g. in different phases of request processing. It's a Frankenstein of httpd and Perl.
For 99% of web applications, better use a dedicated application server for separation of concerns, like Plack in the #Perl ecosystem.
Introducing the Oracle #Java Platform Extension for Visual Studio Code
"Our Java language server is a slimmed down version of the one we developed in the #Apache #Netbeans project, and it is based on the #OpenJDK #JDK’s javac compiler [...] support for new JDK features as soon as they are introduced, even during Early Access of the JDK."
Looking for a nice web based file manager for an #Apache #webdav server. Apache lets you browse the directory tree but you can't do anything with the files. Must support an existing htpasswd file. #linux #SelfHosting
Weird, if I mount an #apache #webdav resource in an #iOS or #Linux file manager, the index shows me folders I don't have the rights to access. They're hidden in the web UI.
Apache #Pekko is replacing #Akka in Play Framework ❤️😍
I really wish Lightbend well, I hope they thrive, but blowing up the FOSS ecosystem around Akka was a foreseeable consequence of its licensing turning proprietary. All FOSS projects will predictably move to Pekko, and Pekko isn't a drop-in replacement (due to the inevitable change in packages), which puts Akka in a very tough spot.
N.b., version 2.9 is probably the last release with support for Akka.
Dust hasn't settled yet on Apache #Pekko, but I really believe it will thrive.
This is the true power of #FOSS. When you don't agree with the direction, you can fork from the last adequate version! Resources are required, but where there's a need, there's a way 💪
Furthermore, in the case of Pekko, #Apache was the best organization to take this on because they have adequate processes that give credibility to such forks.
If you look at Wikipedia's list of forum software, it's all ancient except Discourse, and Discourse seems unlikely to ever be something great for users.
Its performance is famously terrible. People often point out how unusable it is unless you have a fast phone and the founder's response to this has been to rant about how Qualcomm sucks and needs to make faster processors.
@supermathie @nodebb @danluu I'm glad to hear that, but I'm surprised it was a commit to the Discourse repo to ban Bing (even if temporarily)? In my experience, bad actors slamming your server still end up tying up resources if they hit the app. We advise our users to head it off at the pass at the reverse proxy level (e.g. #nginx, #apache, etc.)
Had a crazy idea to support tls-alpn for #apache. I think I can make it work by setting up a #caddyserver container but map 443 to a high local port, then proxy all .acme_challenge to caddy, and have the same domains listed in caddy with the generated certs volume-mounted to the location that apache is set up to read, then using inotify to restart apache on change to those cert files.
#Othello front end served by #Apache, written in #JavaScript with #Phaser 3 game engine, back end served with #Flask (soon AWS #Lambda) and written in #Python. There's a lot going on but it sorta works. This proves my idea to offload the processing to a remote back end driving a thin client works.
It plays terribly at the moment, but it's good enough to work on the UX.
CVE-2023-39265 is related to a bypass issue in URI connections to the SQLite database used for the metastore. This vulnerability enables attackers to execute data manipulation commands.
#MastoAdmin #Tip: Don't forget to enable gzip compression in your #Apache or #nginx or whatever you're using as a reverse proxy for #Mastodon to improve performance on slow connections. I have seen requests that could be compressed to 10% of their original size!
@itsfoss In 1997 or 1998 I had to live-edit some typos in HTML pages. I'd say it was an #apache webserver living inside a #linux server, and I had to log in via telnet session (ISDN). The editor I used was nano.