profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/aidansteele/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Aidan Steele aidansteele Glass Echidna Melbourne, Australia http://www.glassechidna.com.au

aidansteele/demo-serverless-aspnetcore 18

ASP.Net Core 3.1 on AWS Lambda demo

aidansteele/CHMath 1

Cocoa wrappers around OpenSSL's BigNumber math functions

aidansteele/act 0

Run your GitHub Actions locally

aidansteele/aws-account-controller 0

Self-service creation and deletion of sandbox-style accounts.

startedaidansteele/osx-abi-macho-file-format-reference

started time in 6 hours

create barnchglassechidna/tix

branch : dependabot/npm_and_yarn/nodemailer-6.4.16

created branch time in 7 hours

PR opened glassechidna/tix

Bump nodemailer from 4.4.0 to 6.4.16

Bumps nodemailer from 4.4.0 to 6.4.16. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md">nodemailer's changelog</a>.</em></p> <blockquote> <h2>6.4.16 2020-11-12</h2> <ul> <li>Applied updated prettier formating rules</li> </ul> <h2>6.4.15 2020-11-06</h2> <ul> <li>Minor changes in header key casing</li> </ul> <h2>6.4.14 2020-10-14</h2> <ul> <li>Disabled postinstall script</li> </ul> <h2>6.4.13 2020-10-02</h2> <ul> <li>Fix normalizeHeaderKey method for single node messages</li> </ul> <h2>6.4.12 2020-09-30</h2> <ul> <li>Better handling of attachment filenames that include quote symbols</li> <li>Includes all information from the oath2 error response in the error message (Normal Gaussian) [1787f227]</li> </ul> <h2>6.4.11 2020-07-29</h2> <ul> <li>Fixed escape sequence handling in address parsing</li> </ul> <h2>6.4.10 2020-06-17</h2> <ul> <li>Fixed RFC822 output for MailComposer when using invalid content-type value. Mostly relevant if message attachments have stragne content-type values set.</li> </ul> <h2>6.4.7 2020-05-28</h2> <ul> <li>Always set charset=utf-8 for Content-Type headers</li> <li>Catch error whn using invalid crypto.sign input</li> </ul> <h2>6.4.6 2020-03-20</h2> <ul> <li>fix: <code>requeueAttempts=n</code> should requeue <code>n</code> times (Patrick Malouin) [a27ed2f7]</li> </ul> <h2>6.4.4 2020-03-01</h2> <ul> <li>Add <code>options.forceAuth</code> for SMTP (Patrick Malouin) [a27ed2f7]</li> </ul> <h2>6.4.3 2020-02-22</h2> <ul> <li>Added an option to specify max number of requeues when connection closes unexpectedly (Igor Sechyn) [8a927f5a]</li> </ul> <h2>6.4.2 2019-12-11</h2> <ul> <li>Fixed bug where array item was used with a potentially empty array</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodemailer/nodemailer/commit/ba31c64c910d884579875c52d57ac45acc47aa54"><code>ba31c64</code></a> v6.4.16</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/7e7b2b23ed9a56ce60245bf1c7a444e5981a259b"><code>7e7b2b2</code></a> v6.4.15</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/fca2041bdf33e4a6cb61929abb2503fa4e630219"><code>fca2041</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/b4ccfa347a805d17c1d0fc5e719c2fb6cdc435e8"><code>b4ccfa3</code></a> Oups</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/24b93bf75f946b138fcad663effababd4a328972"><code>24b93bf</code></a> Add ethereal.email to well-known/services.json</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/0f132fa0e5b65b105bfebc9a123515bd0217a15a"><code>0f132fa</code></a> doc: make the code a little more accessible with some code comments.</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/1815badec2ca1cf496a9fb728e0e941e8e16b65b"><code>1815bad</code></a> v6.4.14</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/dd26ddd9857280897a4e54ef16f037dfe8c62151"><code>dd26ddd</code></a> v6.4.13</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/455cfbe02658aeee6932ef845676c9de13dfb544"><code>455cfbe</code></a> v6.4.12</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/1787f227b34e6cb3a124fa5204ae89364a7c9d6b"><code>1787f22</code></a> Includes all information from the oath2 error response in the error message (...</li> <li>Additional commits viewable in <a href="https://github.com/nodemailer/nodemailer/compare/v4.4.0...v6.4.16">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+69 -26

0 comment

2 changed files

pr created time in 7 hours

push eventglassechidna/trackiam

Aidan bot

commit sha 95da77aef4e171ece35e83d47b70bf1f3492aa3d

New actions

view details

push time in 9 hours

push eventglassechidna/trackiam

Aidan bot

commit sha dadf3ec4c10858124e31eb5e3abf3db9d4d803ad

New actions

view details

push time in 12 hours

push eventglassechidna/trackiam

Aidan bot

commit sha 0d9ca12564eba10c79b9dc836ea28f703efcf25f

New actions

view details

push time in 13 hours

push eventglassechidna/trackiam

Aidan bot

commit sha 652d209375e2760d800439759cbdead16e20311f

New actions

view details

push time in 14 hours

push eventglassechidna/awsctx

Aidan bot

commit sha 2a88bbde1e541f32f82eb4b89b3d0bf4ed55ea8f

Upstream v1.38.38

view details

push time in 14 hours

created tagglassechidna/awsctx

tagv1.38.38

A context-first wrapper around aws-sdk-go

created time in 14 hours

issue openeddotnet/announcements

May 2021 .NET Updates

The following .NET updates were released in May 2021. This issue will be updated if there are any additional releases during the month.

<h2>.NET </h2>

<h2>.NET Support Policies</h2> Microsoft support policies are defined in the following documents:

created time in 15 hours

issue openeddotnet/announcements

Microsoft Security Advisory CVE-2021-31204 | .NET Core Elevation of Privilege Vulnerability

Microsoft Security Advisory CVE-2021-31204 | .NET Core Elevation of Privilege Vulnerability

<a name="executive-summary"></a>Executive summary

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

An elevation of privilege vulnerability exists in .NET 5.0 and .NET Core 3.1 when a user runs a single file application on Operating Systems based on Linux or macOS.

Discussion

Discussion for this issue can be found at https://github.com/dotnet/runtime/issues TBD

<a name="mitigation-factors"></a>Mitigation factors

Microsoft has not identified any mitigating factors for this vulnerability.

<a name="affected-software"></a>Affected software

  • Any .NET 5.0 application running on .NET 5.0.5 or lower

  • Any .NET Core 3.1 application running on .NET Core 3.1.14 or lower

<a name="how-affected"></a>How do I know if I am affected?

If you have a runtime or SDK with a version listed in affected software, you're exposed to the vulnerability.

<a name="how-fix"></a>How do I fix the issue?

To fix the issue, please install the latest version of .NET 5.0 or .NET Core 3.1. If you have installed one or more .NET Core SDKs through Visual Studio, Visual Studio will prompt you to update Visual Studio, which will also update your .NET Core SDKs.

You can list the versions you have installed by running the dotnet --info command. You should see an output like the following:

.NET Core SDK (reflecting any global.json):
 Version:   3.1.100
 Commit:    cd82f021f4

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.18363
 OS Platform: Windows
 RID:         win10-x64
 Base Path:   C:\Program Files\dotnet\sdk\3.1.100\

Host (useful for support):
  Version: 3.1.0
  Commit:  65f04fb6db

.NET Core SDKs installed:
  3.1.100 [C:\Program Files\dotnet\sdk]

.NET Core runtimes installed:
  Microsoft.AspNetCore.App 3.1.0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 3.1.0 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
  Microsoft.WindowsDesktop.App 3.1.0 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]

To install additional .NET Core runtimes or SDKs:
  https://aka.ms/dotnet-download
  • If you're using .NET 5.0, you should download and install Runtime 5.0.6 or SDK 5.0.203 (for Visual Studio 2019 v16.8) from https://dotnet.microsoft.com/download/dotnet-core/5.0.

  • If you're using .NET Core 3.1, you should download and install Runtime 3.1.15 or SDK 3.1.115 (for Visual Studio 2019 v16.4) or 3.1.409 (for Visual Studio 2019 v16.5 or later) from https://dotnet.microsoft.com/download/dotnet-core/3.1.

.NET 5.0 and .NET Core 3.1 updates are also available from Microsoft Update. To access this either type "Check for updates" in your Windows search, or open Settings, choose Update & Security and then click Check for Updates.

Once you have installed the updated runtime or SDK, restart your apps for the update to take effect.

Additionally, if you've deployed self-contained applications targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.

Other Information

Reporting Security Issues

If you have found a potential security issue in .NET Core or .NET 5, please email details to secure@microsoft.com. Reports may qualify for the Microsoft .NET Core & .NET 5 Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at https://aka.ms/corebounty.

Support

You can ask questions about this issue on GitHub in the .NET GitHub organization. The main repos are located at https://github.com/dotnet/runtime and https://github.com/dotnet/aspnet/. The Announcements repo (https://github.com/dotnet/Announcements) will contain this bulletin as an issue and will include a link to a discussion issue. You can ask questions in the linked discussion issue.

Disclaimer

The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

External Links

CVE-2021-31204

Revisions

V1.0 (May 11, 2021): Advisory published.

Version 1.0

Last Updated 2021-05-11

created time in 16 hours

created repositoryKhrob/swame

created time in a day

push eventglassechidna/trackiam

Aidan bot

commit sha d290756e36d156956f6d17ae4c743d1ff1448714

New actions

view details

push time in a day

push eventglassechidna/trackiam

Aidan bot

commit sha f44962d8af8202551bca15fb5d5696a8854ff32d

New actions

view details

push time in a day

push eventglassechidna/trackiam

Aidan bot

commit sha c736b46c2351fe8ffb7f39c358cf04b6d80a5d32

New actions

view details

push time in a day

push eventglassechidna/trackiam

Aidan bot

commit sha 0d5a2a236079a1f7f23d0efd028197bc0b79351f

New actions

view details

push time in 2 days

push eventglassechidna/trackiam

Aidan bot

commit sha edceb617b11b0abba54ca54963fd7235a9bc6086

New actions

view details

push time in 2 days

push eventglassechidna/awsctx

Aidan bot

commit sha 47af28082c57ee03f8b9aa6f15a2505d1e14a0e7

Upstream v1.38.37

view details

push time in 2 days

created tagglassechidna/awsctx

tagv1.38.37

A context-first wrapper around aws-sdk-go

created time in 2 days

push eventglassechidna/trackiam

Aidan bot

commit sha 6d5a5c2f854b369f4e860fcd3ec4973461548ca9

New actions

view details

push time in 2 days

push eventglassechidna/trackiam

Aidan bot

commit sha 0f481c0572f4d6a73f5e4ffa10743b46d048ce7d

New actions

view details

push time in 2 days

push eventglassechidna/trackiam

Aidan bot

commit sha ef39f6275accce7438f85de2399e7a327a8076d2

New actions

view details

push time in 2 days

push eventglassechidna/trackiam

Aidan bot

commit sha ae831c3a0752ba5ac150bc1003802194ca0fe81a

New actions

view details

push time in 2 days

push eventglassechidna/trackiam

Aidan bot

commit sha cd82c6e4a658243d3900c481db0e5aeb5bddd241

New actions

view details

push time in 2 days

push eventglassechidna/trackiam

Aidan bot

commit sha b154836d5c85ea70ce20455f42e14dbbdcb43165

New actions

view details

push time in 2 days

PR opened iann0036/aws-account-controller

Bump lodash from 4.17.19 to 4.17.21 in /lambda

Bumps lodash from 4.17.19 to 4.17.21. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538"><code>f299b52</code></a> Bump to v4.17.21</li> <li><a href="https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a"><code>c4847eb</code></a> Improve performance of <code>toNumber</code>, <code>trim</code> and <code>trimEnd</code> on large input strings</li> <li><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"><code>3469357</code></a> Prevent command injection through <code>_.template</code>'s <code>variable</code> option</li> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li>See full diff in <a href="https://github.com/lodash/lodash/compare/4.17.19...4.17.21">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 3 days

startedaidansteele/osx-abi-macho-file-format-reference

started time in 4 days

push eventglassechidna/trackiam

Aidan bot

commit sha b2f9976136f558e85b8931c8549885e890423582

New actions

view details

push time in 5 days