Language Selection

English French German Italian Portuguese Spanish

Red Hat

IBM Fires Red Hat CFO

Filed under
Red Hat
  • Red Hat CFO Loses Out on Retention Bonus Following Standards-Related Ouster

    Red Hat Inc.’s finance chief Eric Shander has been dismissed from the company, forfeiting a $4 million retention award that was agreed to ahead of Red Hat’s acquisition by International Business Machines Corp.

    The Raleigh, N.C.-based software company confirmed late Thursday that Mr. Shander was no longer working at Red Hat. “Eric was dismissed without pay in connection with Red Hat’s workplace standards,” a company spokeswoman said in a statement.

    The company, which said that its accounting and control functions remain healthy, on Friday declined to provide specifics about what led to Mr. Shander’s dismissal.

  • Red Hat CFO 'Dismissed' From Company, Forfeits $4M Retention Award

    "Red Hat Inc.'s finance chief Eric Shander has been dismissed from the company, forfeiting a $4 million retention award that was agreed to ahead of Red Hat's acquisition by IBM," reports the Wall Street Journal...

Hubert Figuiere on Flatpak and Flathub, GLib 2.63.1 Coming Soon

Filed under
Red Hat
GNOME
  • Getting a stack trace out of a Flatpak

    So, the flatpak application you use just crashed

    How do you report it? If you file a bug just saying it crashed, the developers will probably ask for some stack trace. On Fedora 30, for example, abrt (the crash reporting system) doesn't provide any useful information. Let's see if we can extract that information.

    We are gonna have to use the terminal to use some command line tools. Flatpak has a tool flatpak-coredumpctl to use the core dump in the flatpak sandbox. The core dump is an image of the program memory when it crashed that will contain a lot about the crash. But by default the tool will not be able to provide much useful info. There is some initial setup need to be able to have a better output.

    First you must make sure that you have the right Debug package for the right version of the Flatpak runtime. Well, actually, for the corresponding SDK.

  • Music, Flathub and Qt

    I quickly realised that trying these apps on my Dell XPS 13 was really an adventure, mostly because of HiDPI (the high DPI screen that the PS 13 has). Lot of the applications found on Fedora, by default, don't support high DPI and a thus quasi impossible to use out of the box. Some of it is fixable easily, some of it with a bit more effort and some, we need to try harder.

    Almost all the apps I have tried used Qt. With Qt5 the fix is easy, albeit not necessarily user friendly. Just set the QT_AUTO_SCREEN_SCALE_FACTOR environment variable to 1 as specified in Qt HiDPI support documentation. There is also an API to set the attribute on the QCoreApplication object. There must be a good reason why this opt-in and not opt-out.

    [...]

    In the end, I have Hydrogen available on Flathub, the three others in queue for Flathub, and all have had patches submitted (with Muse3 and Rosegarden already merged upstream).

  • g_warning_once() in GLib 2.63.1

    GLib 2.63.1 will be released in the next few weeks, and will contain a fun new API to slightly simplify emitting a warning once, and then shutting up to avoid emitting loads of log spam.

Red Hat Leftovers

Filed under
Red Hat
  • Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning: Your questions answered (Part 2)

    During a recent webinar titled, “Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning,” we received a lot of interest and many questions regarding the topic. Some of the questions were coming in at a very rapid rate and we were not able to address them all. As a followup to our webinar, we have decided to put the answers to those questions into this blog post. The questions are listed below. This is part two in a series, check out our first blog post here.

    The demo in the webinar showed a combination of CloudForms/Ansible Tower to accomplish lifecycle provisioning. Is CloudForms an alternative or must it be used together with Ansible? Can you elaborate on the integration?

  • Tagging resources for IT and business alignment

    Traditional IT management based on fixed resources stopped making sense with the cloud, an unlimited pool of resources that can be accessed from any point in the world. Companies are moving from a CAPEX intensive environment to a new OPEX based cloud. With the new consumption model that favours the cloud, the weight shifts from asset lifecycle management to resource governance. This generates additional requirements for forecasting and budgeting. But the question is still "are we spending our money well?"

    The question is not so simple to answer because comparisons are difficult. The first reaction many organizations have is to believe that lower costs are better costs, but in many cases that is basically wrong.

    For instance, it is easy to reduce costs by purchasing a storage service that is cheaper than the one you are using now. However, that change may be associated with a decrease in performance; can your application support it or would you be losing customers - and revenue - in the process? The same thing can happen if you reduce expenses at the cost of limiting the application availability and not investing enough in load balancers, databases or application workers.

    In order to align business, resources and costs you need to take several steps; in this post we will outline some best practices we have been gathering about the topic.

  • Red Hat: We’re a neutral broker

    Red Hat claims to be a neutral broker that will pave the way for organisations to run the same container application platform across different public cloud services and in a hybrid cloud environment.

    This comes at a time when major public cloud suppliers are all trying to differentiate themselves through platform services – for example, with their own implementations of the open-source Kubernetes container orchestration platform.

    Speaking to Computer Weekly on the sidelines of Red Hat Forum in Singapore, Damien Wong, vice-president and general manager for Asian growth and emerging markets at Red Hat, said the company’s OpenShift platform will let enterprises run containerised applications on the same platform, regardless of cloud deployment model or underlying cloud infrastructure service.

  • [Older] How Red Hat is pioneering a serverless movement

    The old-school "one server/one function" concept has prevailed for veritable decades in the technology realm, whereby a single server stands duty to perform authentication, file, print, web, messaging, and other services.

    That's the past. The future is moving towards a serverless model whereby functions (e.g. applications) are more important than actual server implementations.

IBM/Red Hat and Fedora: CentOS, Ceph, Mainframes and Fedora Migration/Refresh

Filed under
Red Hat
  • Download CentOS 8 ? DVD ISO Image

    CentOS is a Linux operating system, which is a 100% compatible rebuild of the Red Hat Enterprise Linux operating system. A user can download and use this enterprise-level operating system free of cost. CentOS 8 is the latest version available to download.

  • Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning: Your questions answered (Part 1)

    During a recent webinar titled, “Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning,” we received a lot of interest and many questions regarding the topic. Some of the questions were coming in at a very rapid rate and we were not able to address them all. As a followup to our webinar, we have decided to put the answers to those questions into this blog post. The questions are listed below.

  • Red Hat Ceph object store on Dell EMC servers (Part 1)

    Organizations are increasingly being tasked with managing billions of files and tens to hundreds of petabytes of data. Object storage is well suited to these challenges, both in the public cloud and on-premise. Organizations need to understand how to best configure and deploy software, hardware, and network components to serve a diverse range of data intensive workloads.

    This blog series details how to build robust object storage infrastructure using a combination of Red Hat Ceph Storage coupled with Dell EMC storage servers and networking. Both large-object and small-object synthetic workloads were applied to the test system and the results subjected to performance analysis. Testing also evaluated the ability of the system under test to scale beyond a billion objects.

  • Why Linux Developers Should Reconsider IBM Mainframes

    When mainframes were mainstream, many software professionals in the industry today were not even born yet. Mainframe computers have an extensive history, which makes it tempting to call them old, but today’s mainframes are extremely mature, fast, reliable and powerful. In fact, they are critical to the modern economy: Top airlines, banks, insurance companies and health care corporations rely on mainframe computing.

    One of the organizations keeping this technology with the times is IBM, with its IBM Z family of mainframe computers. Some of these mainframes—like the 31-bit s390 and, later, the 64-bit s390x architecture—were originally designed and built in the 1960s, and they have continued to evolve and modernize.

    “IBM still sells a lot of these even today,” said Elizabeth K. Joseph, a seasoned open source advocate who recently joined IBM as the developer advocate for its Z architectures. These machines run operating systems including z/OS, z/VM, z/VSE and z/TPF, as well as Linux-based distributions like Red Hat Enterprise Linux and SUSE Linux Enterprise Server.

  • Fedora localization platform migrates to Weblate

    Fedora Project provides an operating system that is used in a wide variety of languages and cultures. To make it easy for non-native English speakers to use Fedora, significant effort is made to translate the user interfaces, websites and other materials.

    Part of this work is done in the Fedora translation platform, which will migrate to Weblate in the coming months.

    This migration was mandatory as development and maintenance of Zanata — the previous translation platform — ceased in 2018.

    There are a number of translation platforms available, but having a translation platform that is open source, answering Fedora Project’s needs, and likely to be long-lived are key considerations in choosing Weblate. Most other translation platforms being closed source or lacking features.

  • F30-20191009 updated Live Isos released

    The Fedora Respins SIG is pleased to announce the latest release of Updated F30-20190904 Live ISOs, carrying the 5.2.18-200 kernel.

    This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have 1.2GB of updates)).

    A huge thank you goes out to irc nicks dowdle, Southern-Gentleman for testing these iso.

Red Hat: EPEL8, vDPA and Apache Kafka on OpenShift

Filed under
Red Hat
  • EPEL8 packages

    With the opening up of EPEL8, there’s a lot of folks looking and seeing packages they formerly used in EPEL6/7 not being available and wondering why. The reason is simple: EPEL is not a fixed exact list of packages, it’s a framework that allows interested parties to build and provide the packages they are interested in providing to the community.

    This means for a package to be in EPEL8, it requires a maintainer to step forward and explicitly ask “I’d like to maintain this in EPEL8” and then build, test and do all the other things needed to provide that package.

    The reason for this is simple: We want a high quality, maintained collection of packages. Simply building things once and never again doesn’t allow for someone fixing bugs, updating the package or adjusting it for other changes. We need a active maintainer there willing and able to do the work.

  • vDPA hands on: The proof is in the pudding

    In this post, we will set up vDPA using its DPDK framework. Since vDPA compatible HW cards are in the process of being commonly available on the market, we will work around the HW constraint by using a paravirtualized Virtio-net device in a guest as if it was a full Virtio HW offload NIC.

  • Open Banking with Microservices Architectures and Apache Kafka on OpenShift

    Last month, at OpenShift Commons Gathering Milan, Paolo Gigante and Pierluigi Sforza of Poste Italiane, showed the audience how they built a microservices based banking architecture using Apache Kafka and OpenShift. Their slides are available here. For more great in-person events like this, register for the next Commons Gathering near you! San Francisco is coming up before the end of the month, and will focus on AI/ML.

Red Hat: Ask Me Anything (AMA) on Red Hat Satellite, Universal Base Image and Presence at DevConf.CZ

Filed under
Red Hat
  • Red Hat Satellite Ask Me Anything Q&A from June and August 2019

    This blog covers the questions and answers during the June and August 2019 Satellite Ask Me Anything (AMA) calls.

    For anyone not familiar, the Satellite AMAs are an "ask me anything" (AMA) style event where we invite Red Hat customers to bring all of their questions about Red Hat Satellite, drop them in the chat, and members of the Satellite product team answers as many of them live as we can during the AMA and we then follow up with a blog post detailing the questions and answers.

  • What is Red Hat Universal Base Image?

    Back in May, we launched the Red Hat Universal Base Image (UBI), targeted at developers building containerized applications for the cloud. Since then, we have published an extensive FAQ covering topics ranging from how often UBI is updated, to how the end user license agreement (EULA) allows you to redistribute applications built on it. These are all great fundamental topics to cover, but people still seem to have a lot of questions around what UBI is and what it isn’t.

    If you are a developer and you are trying to figure out whether UBI is right for you, it might be easier to start by first explaining what it isn’t.

  • DevConf.CZ and Open TestCon CfPs open

    DevConf.CZ is looking for workshops, discussion sessions, and presentations, with a variety of length options available. This large community conference has tracks for a variety of topics including community, IoT, cloud/containers, microservices, networking, desktop, and documentation. And like in years past, there is a dedicated Fedora track. If you weren’t ready to give a presentation at Flock — or if you want to give it to a broader audience — this is your chance. You can submit proposals through the DevConf.cz CfP portal through 1 November.

Red Hat: Improved CVE Pages, OpenShift Container Storage 4 and More

Filed under
Red Hat
  • New and Improved CVE Pages

    In a previous blog post, we mentioned the ongoing work to overhaul our CVE pages and we are happy to announce those changes are now live. If you navigate to any CVE from our Red Hat CVE Database or an external source like a search engine, you'll be presented with the new user interface that displays important information and metadata about a specific CVE that is relevant to Red Hat's products.

  • Red Hat OpenShift Container Storage 4: Driving Innovation through Collaboration

    Red Hat is focused on delivering a storage product that rounds out the Red Hat OpenShift Container Platform ecosystem through enterprise-ready data services for the hybrid cloud. Red Hat OpenShift Container Storage 4 makes it easy for applications — traditional as well as emerging workloads — to consume storage resources, enabling developers to focus on innovation and reducing Time to Market.

  • How automating insights can accelerate efficiencies in banking

    For financial services firms, the effort to do more with less seems like a never-ending goal. Now, with advanced digital technologies such as artificial intelligence (AI), machine learning (ML), cognitive computing, and other modern initiatives to streamline legacy processes and help reduce costs, the effort is gaining renewed ground.

    Automation in banking began in earnest decades ago. In the early 1950s, Bank of America began working with Stanford Research Institute to develop a computer-based check processing system and machine-readable checks that would help the bank more efficiently handle the growing amount of paperwork involved in bookkeeping.

    At the time, banks struggled to keep up with the flow of paper and the manual check-clearing processes involved with billions of checks being written each year. Engineers developed Electronic Recording Machine, Accounting (ERMA), and the M/CR, or magnetic-ink character recognition check coding system. Then in the late 1960s, automated teller machines (ATMs) came onto the scene, fundamentally impacting banking servicing.

Red Hat: Command Line Heroes, SAP, Advanced Ansible Variables in Satellite and Greenpeace Openwashing Tales

Filed under
Red Hat
  • Not your BASIC web experience: Creative for Command Line Heroes Season 3 Episode 2

    Last week, we introduced this series with an overview of Command Line Heroes’ artwork. We hope you enjoyed reading about the details in the images for our first episode of season 3 about Python. Now, we’ll briefly cover how our web designers work to bring that artwork to you in its many forms—and we uncover the secrets of Episode 2: Learning the BASICs.

    Are there considerations beyond the initial design to take into account when putting the artwork online?
    Rachel Ertel, UX Lead: Considerations outside of the initial visual design are largely based on user experience. These include making sure the page’s load time is quick, to thinking through the way that the user would interact with copy, graphics, and actionable links. We want to make sure that the user comes to the right information at the right time, and that the process of getting where they want to go requires minimum effort and provides maximum reward.

  • Enhancing availability of SAP deployments with Red Hat Enterprise Linux 7 for SAP Solutions

    In August 2019, we announced the general availability of Red Hat Enterprise Linux (RHEL) 7.7, the latest update to the stable and production-ready RHEL 7 platform. RHEL 7 helps customers meet the modern datacenter demands as well as the next-generation IT requirements of existing and new SAP workloads. On top of that, RHEL 7 for SAP Solutions includes additional capabilities to support SAP Applications across the hybrid cloud, from bare-metal servers to public cloud instances, all on a standard, flexible and scalable operating system platform.

    Both RHEL 7.7 and RHEL 7.6 for SAP Solutions bring new features and enhancements1 to bear that can help streamline operations through improved availability and reduced operating costs. RHEL 7.6 for SAP Solutions is validated and supported for use with SAP HANA on Intel x86_64 and IBM Power 8. Corresponding validation for SAP HANA on RHEL 7.7 is planned. Other SAP applications and database products, like SAP NetWeaver or SAP ASE may adopt and benefit from RHEL 7.7 features right away. Please consult SAP Note 2369910 and 2235581 for the latest information about validated releases and support by SAP.

  • Advanced Ansible variables in Satellite

    Satellite 6.6 beta was released recently, and contains a number of improvements related to Ansible variables. Ansible variables can be used to customize the behavior of Ansible roles. For example, an Ansible role could be configured to install whatever package is specified in an Ansible variable. From Satellite, we can set the value of the Ansible variable so that the package we want is installed by the role.

    Satellite 6.4 introduced the ability to run Ansible roles on Satellite clients, and allowed for parameters to be defined that could be accessed from within the Ansible roles as variables. However, there were a couple limitations to how Ansible variables were supported in Satellite: only string variables were supported, and the Satellite administrator had to review the Ansible role to discover the variable names that should be defined as parameters within Satellite.

  • Fight for the planet: Building an open platform and open culture at Greenpeace

    Few organizations know this better than Greenpeace. For nearly 50 years, the non-profit has been campaigning for a greener and more peaceful future.

    But in 2015, Greenpeace found itself at a crossroads. To address the climate emergency, Greenpeace knew it needed to shift its organizational culture.

Fedora 31 Won't Add An Official POWER Desktop Spin

Filed under
Red Hat

While Fedora recently began spinning workstation/live images for POWER (PPC64LE) at least as a work-in-progress, it won't be made a formal feature of the upcoming Fedora 31.

Due to the imminent feature deadline and little notice, the Fedora Engineering and Steering Committee on Monday rejected the notion of a PPC64LE desktop variant at least for this current (F31) cycle.

Read more

Also: CPE Team at Flock – Post Flock

Server: Decentralisation, SUSE and Red Hat

Filed under
Red Hat
Server
SUSE
  • Decentralizing the Data Center: Hybrid Cloud, Multi-Cloud and more

    But how did we get to cloud computing in the first place? While these are not the only reasons, cost, availability and disaster recovery were a large part of what motivated companies to transition from on-prem [-only] deployments to cloud or hybrid approaches. Now, let us fast forward to the present and we are seeing something entirely new: a complete decentralization of the data center.

    But what does that mean? Once upon a time, companies transitioning or starting their operations in the cloud shopped around and found a public cloud service that best suited their needs. The final decision typically boiled down to cost and services. I would know. I used to work in a division of one of these large cloud providers and we were always going neck-to-neck with the other major players for mainly these key topics.

  • Quarks – New Building Blocks for Deploying on Kubernetes

    At the recent Cloud Foundry Summit EU in the Netherlands, Mario Manno of SUSE and Enrique Encalada of IBM gave a presentation about two popular platforms for deploying your cloud-native applications – Kubernetes and Cloud Foundry. Kubernetes is the great for its flexibility, control over your application and is a great container orchestrator. Cloud Foundry is the go-to platform where you don’t want to worry about your infrastructure, networking, scaling, and routing. It also has the best developer experience in the industry. With Quarks, deployment is simplified using BOSH features, but keeping the flexibility of Kubernetes. Believing that Quarks is the next buzzword for Cloud Foundry conferences, they described and demonstrated the new framework and its building blocks for deploying cloud-native applications which has the best features of the two worlds.

  • SLE 12 SP5 Release Candidate 2 is out!

    This Service Pack 5 is a consolidation Service Pack release.

  • Red Hat Streamlines Operating System Update Cycle

    CentOS is a distribution of Linux based on a fork of Red Hat Enterprise Linux (RHEL). The team that oversees CentOS operates independently of Red Hat. That team in collaboration with Red Hat is making available an additional distribution dubbed CentOS Stream, through which a continuous stream of content will be updated several times daily.
    Mike McGrath, senior director for Linux engineering at Red Hat, said those innovations eventually will find their way into RHEL, but until then developers who want to build applications using those features as they become available can use CentOS Stream.
    This latest distribution of Linux from Red Hat is intended to act as a bridge between Fedora, a distribution of Linux through which Red Hat makes available experimental technologies, and RHEL, he said.

  • Happy Halloween (Packages Not In EPEL-8 yet)

    It is October, and in the US it means that all the decorations for Halloween are going up. This is a time of year I love because you get to dress up in a costume and give gifts to people. In the spirit of Halloween, I am going to make various packages available in a COPR to add onto the EPEL-8 repositories.

    There are a lot of packages which are in EPEL-6 or EPEL-7 but are not in EPEL-8 yet. Some of these may not be possible due to missing -devel, others may just need someone interested in maintaining a branch for EPEL-8, etc etc. In order to try and get a push on this I wanted to see what packages could be built and made ready at some point. I also wanted to make it possible that if you really needed this package, that they could be available. 

  • CentOS 8 Stream Install Guide – CentOS 8 Installation Screenshots
Syndicate content

More in Tux Machines

Debian and Ubuntu Leftovers

  • Ritesh Raj Sarraf: Bpfcc New Release

    bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

  • Utkarsh Gupta: Joining Debian LTS!

    Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail. [...] I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates. And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former). Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them. With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads! :D

  • Ubucon Europe 2019 in local media

    News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air. The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software. For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning. Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

Devices/Embedded: Win Enterprises and Raspberry Pi 4

  • Win Enterprises unveils Atom-based LAN gateway and compact SBC

    Win Enterprises unveiled a fanless “PL-82000” networking gateway with 6x GbE and 2x SFP ports based on an Atom C3000. It also launched a Raspberry Pi sized “MB-5000” SBC that runs Ubuntu or Win 10 on Intel Apollo Lake. We tend to forget Win Enterprises because as its name suggests, the company typically sticks to Windows-supported products. Yet, they have increasingly produced barebones products without listed OS support, such as the new PL-82000 networking appliance, as well as Linux supported systems such as the MB-5000 SBC announced back in June. (In 2017, we covered an Intel Bay Trail based MB-80580 SBC and Win IoT-380 Gateway with Linux support.)

  • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

    Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

  • Raspberry Pi 4 B+ - PCI Express

    Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn't lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

    I'm sharing it to allow people to learn from this - and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

OSS: Odoo, WordPress, MongoDB vs. MySQL

  • What's New in Odoo 13?

    Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations. With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

  • Becoming Better Digital Citizens Through Open Source

    The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen. [...] Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us. All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations.  Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

  • MongoDB vs. MySQL: How to choose

    During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database. Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

Security: XML External Entity (XXE) Example and the Latest Patches

  • XML External Entity (XXE) Example

    According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

  • Security updates for Monday

    Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).