Programming Leftovers
-
Kushal Das: Using openpgp-card-tool-git with git
One of the power of Unix systems comes from the various small tools and how they work together. One such new tool I am using for some time is for
git
signing
&verification
using OpenPGP and my Yubikey for the actual signing operation via openpgp-card-tool-git. -
Ruby CVE-2025-25186: DoS vulnerability in net-imap
There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier CVE-2025-25186. We recommend upgrading the net-imap gem.
A malicious server can send highly compressed uid-set data which is automatically read by the client’s receiver thread. The response parser uses Range#to_a to convert the uid-set data into arrays of integers, with no limitation on the expanded size of the ranges.
-
LWN ☛ New horizons for Julia
Julia, a free, general-purpose programming language aimed at science, engineering, and related arenas of technical computing, has steadily improved and widened its scope of application since its initial public release in 2012. As part of its 1.11 release from late 2024, Julia made several inroads into areas outside of its traditional focus, provided its users with advances in tooling, and has seen several improvements in performance and programmer convenience. These recent developments in and around Julia go a long way to answer several longstanding complaints from both new and experienced users. We last looked in on the language one year ago, for its previous major release, Julia 1.10.