One of the LifeType users reported a security problem in the RSS parser that allowed any file on your system to be read.  ick.

Oscar has fixed it and 1.1.6 will be released tomorrow.

Everyone on my server has been upgraded already and it probably isn't too critical for them, at least in the case of retrieving their mysql password, which was the reported problem, since mysql doesn't allow remote access, so it would have to be a customer of mine.  Though I suppose since any file could have been read, it is possible that some other file could have been opened.

Actually, I just checked the server logs, and no attempts were made to get any files that had a ".." in them, so everyone should be alright. 

I usually end up forgetting how to do this, so here are my instructions of how to keep Usermin, an administration tool I use for my Lime Daley customers, up-to-date with the developers' changes.

Since it took me a while to figure out the answer, I will post this here to try to help the next guy who has trouble when upgrade snmpd to 5.2.2. The rest of you won't care about this post.

For my company's next product, we are thinking about replacing the normal explorer shell with our own, but we want to be able to access the explorer.exe for debugging, etc. It turns out that when you start explorer, it checks to see if it is listed as a shell, and if it is, and this is the first instantiation of the explorer process, it loads up the desktop/start menu/etc. If the answer is no to either of those cases, it just loads the "regular" file manager view.
Search engine keywords: explorer command line options start menu shell

Since we paid for the professional license, we get OpenMake for "free", so I figured I would try it out. The conclusion is that it isn't worth anything.

I guess I am asking for it, running the gnucash source (1.8.9), but running everything else from Debian testing. I upgraded like usual, somewhere around every week, and didn't think anything of it, because aptitude/Debian always takes care of everything for me. But yesterday, Heather discovered that gnucash wouldn't run any more. oops.

Like so many other articles on this subject, I will start by saying that I looked at various documents, but none of them worked perfectly for me, so I will write up my own steps. Most of the regular readers of this blog will not care at all about SMTP authentication, TLS, SSL, port 25, 465, 587, postfix (the oldstable postfix-tls) or Debian, though search engines should nicely find those keywords for those people who do care about them.

I think this is the worst code I have ever seen, except where people were trying to make code hard to read. This code is in a video driver, written by Silicon Motion.

I wrote a random signature generator for Pine, my email client. It worked great for a number of years, but with a recent upgrade of Pine, it started having trouble a couple of times a day, where the signature would be correctly rotated, but Pine would hang prior to sending the message, and would not save the content of the message either.

I wrote this script a while back to upload (via HTTP) a zip file full of .pbm files, convert all the pictures to bitmaps, put the bitmaps in a zip file, and then send it back to the user.