Isn’t this the most worthless result from a vulnerability scan:
PHP Unspecified Vulnerability (Protocol: tcp Port: 80)
DESCRIPTION An unspecified vulnerability has been discovered in PHP with Unknown impact and attack vectors. All versions before 5.2.11, and 5.3.x before 5.3.1 are affected
SOLUTION Upgrade to the latest version of PHP, available at http://www.php.net/downloads.php
Go Nessus.
So, I encountered a weird problem earlier tonight while trying to merge changes from our trunk back into a branch I’ve been working on. The merge went successfully and I could see all the changes locally. However, when I attempted to check in the changes, I got the following error message:
svn: File 'path/to/file' is out of date
This wasn’t terribly unusual, with the exception of the case I just checked out the branch from the repository. When I performed an update, nothing was updated which further complicated the situation. When I used the --force switch, only then did one of my folders update and indicate that it was in a conflicted state. When I resolved the conflict and attempted to check back in, guess what? The same error message.
This is when I started Googling to see if I could find someone else who had this problem, but alas found no answers. I then started trying to compare the differences between the versions, including what was available in the most recent trunk release and found something interesting. The most recent trunk didn’t have any properties named svn:mergeinfo. This was despite multiple merges already taking place in the past. Yet, when I looked at the merge that I am attempting to perform, the following mergeinfo appeared:
/branches/timelog-and-multi-speaker-ui:430-526 /trunk:532-533
I had specified only to merge versions 532-533 - nothing before then. Thus, the previous merge version was extremely unusual, and likely was what was causing the conflicts upon checkin. Sure enough, when I deleted that line in the svn:mergeinfo property, I was able to checkin successfully.
So, the lesson to be learned is if you try to merge and find you’re blocked because something isn’t really out-of-date, check your mergeinfo.
Last Friday and this morning I had been trying to deploy the latest changes to my WCF application. As I started doing this the manual way (e.g. copying all DLLs, configs, and service endpoints into a directory to zip and send up to my web server), I took a step back and realized I needed a NAnt build target because I’m going to be doing this over-and-over again. However, after creating the build target and deploying the resulting Zip to my web server, I received a strange error message when trying to invoke my services.
Read more…
As I was looking for ways to better interact with our NetApp FAS2050, I came across an article detailing the Virtual Storage Console. Being intrigued, I decided to install it on our vCenter Server. The install went fine and the application registered fine per documentation. However, the problem came when entering the credentials under the NetApp tab. I was stuck in an infinite loop that stated SSL is not configured.. No matter what I did (whether that was use the root user, the vcenter user I created, checking or unchecking Use SSL, I got the same error message - SSL is not configured.
This was despite installing the software per the Installing NetApp VSC According to Best Practices. SSHv2 and SSL were enabled when executing secureadmin status. Furthermore, httpd.admin.enable was on using legacy access.
I went Googling for the solution to the problem, and came across an old Nabble list scrape that said to put the IP addresses of all of my ESX hosts in /etc/hosts.equiv and turn on httpd.admin.hostsequiv.enable. Sadly, that didn’t work. Yet, further Googling revealed something painfully obvious. If you’ve ever tried accessing your filer via HTTPS (e.g. https://filer/na_admin/) and you were not listed in the trusted.hosts, then you’re flat out denied access. That’s exactly what was going on here. The VSC requires access to the APIs provided through the same console, and thus requires you to manually list all the IP addresses of the ESX servers in the trusted.hosts file.
Make sure all of your ESX hosts (and vCenter server) are listed in the options trusted.hosts.
Sebastian Bergmann, lead developer of the PHPUnit testing framework, has decided to switch PHPUnit from subversion to Git. I wouldn’t normally have a problem with this, especially if he were to follow all of the other mainstream projects that choose to keep backwards-compatibility with Subversion by keeping Subversion and Git in sync. However, he’s chosen to go strictly the route of Git and not bother keeping a subversion repository in sync.
Why do I have such a significant problem with this? I don’t do anything in Git right now. Everything of mine is still in Subversion, and quite frankly, I intend to continue using Subversion for quite some time as it works well for my group and I’m too overwhelmed with learning other technologies to learn yet another source code control system.
So, please Sebastian, at least keep subversion around and sync it with Git. All of us Subversion developers that use your repository to fetch PHPUnit from there (instead of using the PHP un-best practices way of installing through PEAR) would greatly appreciate it.
I’ll admit, I’m a bit of a JavaScript n00b when it comes to doing UI development. One of the outside consulting projects that I’m working on is asking me to push the limits of my JavaScript knowledge, and I can definitely say the past couple of days have given me a sad realization that there are some strange oddities to JavaScript development. Once you understand that Prototyping is much like Extension Methods in .Net, that part’s pretty easy. What’s not easy is trying to figure out how to do event handing with Object Oriented classes.
Read more…
One of the side projects I’m working on involves having users listen to audio files and fill out information in response to the audio files they listen to. Some audio files will be short (e.g. 5 seconds or less), but others may be long, say a few minutes to an hour or longer. These audio files are typically voicemails or ditcations, so people can have a tendency to leave long breaks between words, will talk slowly, etc., thus slowing down the listening process. The goal: figure out a way to allow the users to speed up (or slow down) the audio files as much as they would like without having to process the audio files on the server ahead of time. The possible solution? HTML5
Read more…
I am setting up monitoring for my PostgreSQL database server, and ran across a cool way to get around specifying the username/password via the command-line every time the checks are run: pg_service.conf. Unfortunately, there is very little documentation on the config file. As best as I can figure out, if you are connecting to a remote host, your definitions should look as follows:
[service.name.here] dbname=db.name.here user=user.name.here host=host.name.here password=password.here
On a Gentoo Linux server with PostgreSQL 8.4 installed, this file will need to be placed at /etc/postgresql-8.4/pg_service.conf. Then, to reference it, simply export the PGSERVICE environment variable with the value of the name of the service in brackets.
So, I haven’t posted anything really talking about the details of my life in 2009. This is likely attributed to my extremely busy schedule for the majority of the year, amongst being overwhelmed at times with the changes going on that directly and indirectly affect me and my family. I hope to cover the highlights of the year, and then wrap up with great news that has changed Melissa’s and my life forever.
Read more…
[root@sheerjira ~]# rpm -i rpmforge-release-0.5.1-1.el5.rf.i386.rpm
package rpmforge-release-0.5.1-1.el5.rf.i386 is already installed
[root@sheerjira ~]# rpm -e rpmforge-release-0.5.1-1.el5.rf.i386.rpm
error: package rpmforge-release-0.5.1-1.el5.rf.i386.rpm is not installed
‘Nuff said.
Recent Comments