Designing a COM library for Rust

I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language SSPL group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog po...

[SECURITY] Fedora 31 Update: golang-1.13.1-1.fc31

The Go Programming Language...

Building the Azure IoT Edge Security Daemon in Rust

Azure IoT Edge is an open source, cross platform software project from the Azure IoT team at Microsoft that seeks to solve the problem of managing distribution of compute to the edge of your on-premise network from the cloud. This post explains some of the rationale behind our choice of Rust as t...

Important: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: go-toolset-1.11 and go-toolset-1.11-golang security update

An update for go-toolset-1.11 and go-toolset-1.11-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

The vulnerability of the slaxGetInput function in the SLAX programming language implementation of the Libslax library allows a perpetrator to cause a service failure.

The vulnerability of the slaxGetInput function in the SLAX programming language implementation in Libslax is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

[SECURITY] Fedora 29 Update: golang-1.11.13-1.fc29

The Go Programming Language...

[SECURITY] Fedora 30 Update: golang-1.12.9-1.fc30

The Go Programming Language...

Multiple Code Execution Flaws Found In PHP Programming Language

Maintainers of the PHP programming language recently released the latest versions of PHP to patch multiple high-severity vulnerabilities in its core and bundled libraries, the most severe of which could allow remote attackers to execute arbitrary code and compromise targeted servers. Hypertext...

CVE-2019-1010299

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

Fedora Update for python3 FEDORA-2019-9bfb4a3e4b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for python3-docs FEDORA-2019-9bfb4a3e4b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2019-1010299

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

CVE-2019-1010299

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

Design/Logic Flaw

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

CVE-2019-1010299

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

CVE-2019-1010299

CVE-2019-1010299 affects the Rust standard library: Rust 1.18.0 and later. The vulnerability is CWE-200 Information Exposure due to the Debug trait implementation for std::collections::vec_deque::Iter, which could cause contents of uninitialized memory to be printed when debug-printing an iterato...

CVE-2019-1010299

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

Important: Red Hat Security Advisory: python27-python security update

An update for python27-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CentOS Update for python CESA-2019:1587 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...