‘Planet Freitagsrunde’ Archive

Dockerizing a Django app with scripted super user creation 2018-03-30 No Comments

I recently dockerized a small Django application. I build the Dockerfile in a way that the resulting image would allow running the container as if it was plain manage.py, e.g. that besides docker-compose up I could also do: # For a psql session into the database: docker-compose run <image_name> dbshell # Or, to run the […]

Serving /favicon.ico with Django without HTTP redirection 2018-03-29 No Comments

Say you have created a favicon.ico for your website and want to serve that file outside of the usual /static/images prefix, at /favicon.ico. Other favicon approaches use a code-30x redirect on HTTP level. I would rather save that extra request. Here is what I ended up with: import os from django.conf import settings from django.views.static […]

How to deal with “Not uninstalling pip at /usr/lib/python2.7/dist-packages, owned by OS” 2018-03-01 No Comments

When system-wide pip turns out too old (e.g. for lacking support for pip check), one may end up trying to update pip using a command like: sudo pip install –upgrade pip That’s likely to end up with this message: Not uninstalling pip at /usr/lib/python2.7/dist-packages, owned by OS That non-error and the confusion that easily happens […]

Fwd: LibreOffice < 6.0.1 '=WEBSERVICE' Remote Arbitrary File Disclosure No Comments

This “crazy” vulnerability in LibreOffice only came to my attention recently: LibreOffice < 6.0.1 – ‘=WEBSERVICE’ Remote Arbitrary File Disclosure (exploit-db.com) Please make sure yours peers update in time.

I love free software… and Gentoo does! #ilovefs 2018-02-14 No Comments

Some people care if software is free of cost or if it has the best features, above everything else. I don’t. I care that I can legally inspect its inner workings, modify and share modified versions. That’s why I happily avoid macOS, Windows, Skype, Photoshop. I ran into these two pieces involving Gentoo in the […]

uriparser 0.8.5 released + moved to GitHub 2018-02-07 No Comments

Hi! After moving uriparser from SourceForge to GitHub and re-creating its website from scratch earlier this year, today uriparser 0.8.5 has been released and is available for download. Quoting from the change log, the changes are as follows: 2018-02-07 — 0.8.5 * Changed: The uriparser project has moved from SourceForge to GitHub: Code + issue […]

Fwd: Escaping Docker container using waitid() – CVE-2017-5123 2018-01-01 No Comments

Escaping Docker container using waitid() – CVE-2017-5123 (twistlock.com)

Fwd: xxxx-11-25: International Day for the Elimination of Violence against Women 2017-11-25 No Comments

November 25: International Day for the Elimination of Violence against Women (Wikipedia)

Fwd: Bit-squatting: DNS Hijacking Without Exploitation No Comments

Not new at all but was new to me, and was well worth my time: DEFCON 19: Bit-squatting: DNS Hijacking Without Exploitation (w speaker) Only somewhat related: https://www.pytosquatting.org/

Expat 2.2.5 released 2017-11-01 No Comments

Expat 2.2.5 has recently been released. It fixes miscellaneous bugs. For more details, please check the changelog. If you maintain Expat packaging or a bundled version of Expat somewhere, please update to 2.2.5. Thanks! Sebastian Pipping