A new open source community has been set up in order to provide “a safe and reliable home for Free and Open Source Software!” Codeberg.org will act as a home for open-source code and ensure that it remains free and secure, the team explained.
“The number of developers and projects participating in the Open-Source movement is growing exponentially. Only new software tools and collaboration platforms made these dynamics possible and manageable. While all successful software tools that enabled this development were contributed by the Free and Open Source Software community, commercial for-profit platforms dominate the hosting of the results of our collaborative work. This has led to the paradox that literally millions of volunteers create, collect, and maintain invaluable knowledge, documentation, and software, to feed closed platforms driven by commercial interests, whose program is neither visible nor controllable from outside. Considering the fate of formerly successful startups like SourceForge, we need to break the circle and avoid history repeating,” the team behind Codeberg wrote in a post.
Python network tool Scapy vulnerable to DoS attacks
Security company Imperva has discovered a vulnerability in the Python network tool, Scapy, that opens it up to DoS attacks. Scapy used a heuristic algorithm to identify the type of network packet it is inspecting, and the algorithm relies on port numbers which can easily be spoofed. This particular vulnerability occurs if Scapy is led to believe that a network packet is a RADIUS packet, which doesn’t have input validation on the length field, leading to an infinite loop.
“The current version of Scapy can be DoSed quite easily. The potential impact is large – Scapy is quite a popular tool, and other libraries that depend on Scapy might be vulnerable as well. Networks relying on Scapy for traffic monitoring or other functions can also be affected. If you’re using the affected version of Scapy, or any library that depends on Scapy, we advise you to apply the patch as soon as possible,” Imperva wrote in a post.
The Nim team reflects on the language’s achievements in 2018
The team behind Nim is reflecting on the things that happened with the programming language in 2018. In March version 0.18 was released and in September, version 0.19, which was the biggest release to data.
In August, a partnership was announced with Status. Status planned to use Nim as the programming language for an Ethereum sharding client called Nimbus. Finally, in October, the community participated in Hacktoberfest and the improvements made there will be included in the next release.
Atom 1.34 now available
A new version of the Atom text editor is now available. Atom 1.34 includes new features such as a faster, diff view, the ability to preview staged changes, and support for commit message templates.
The team has also announced Atom 1.35 Beta, which will provide quick access to details of recent commits, the ability to view the full diff for pull requests within Atom, and enhancements and stability improvements.