Welcome to IT Digest!

Yahoo Security Notice December 14, 2016

- by Oleg Ivanchenko

Yahoo has identified data security issues concerning certain Yahoo user accounts. Yahoo has taken steps to secure user accounts and is working closely with law enforcement.

More information here:

https://help.yahoo.com/kb/account/SLN27925.html?impressions=true


SQLSTATE[HY000]: General error: 1364 Field doesn't have a default value

- by Oleg Ivanchenko

I got an error:

	SQLSTATE[HY000]: General error: 1364 Field 'XXXX' doesn't have a default value

It happened with MySQL 5.7.12 on Mac OS X 10.11.5. MySQL was installed from a package from mysql.com.

The obvious solution does not work: adding a default value in the SQL code (default '') generates another error for a TEXT field:

	SQLSTATE[42000]: Syntax error or access violation: 1101 BLOB, TEXT, GEOMETRY or JSON column 'XXXX' can't have a default value

Thus I had to update MySQL settings. The default MySQL strict mode has to be disabled.

In my case there was no /etc/my.cnf file. The default settings were in /usr/local/mysql/support-files/my-default.cnf. I added /etc/my.cnf with the following code in it:

	[mysqld]
	sql_mode=NO_ENGINE_SUBSTITUTION

And of course MySQL should be restarted :-) Look here for more details.

It solved the problem.


MySQL start/stop/restart in Mac OS X

- by Oleg Ivanchenko

How to start/stop/restart MySQL in Mac OS X? Very easy!

In OS X Yosemite / El Capitan (MySQL post 5.7), run in the terminal to start MySQL:

sudo launchctl load -F /Library/LaunchDaemons/com.oracle.oss.mysql.mysqld.plist

Note: This is a persistent setting, which means that MySQL will automatically start on the next OS X start.

To stop MySQL:

sudo launchctl unload -F /Library/LaunchDaemons/com.oracle.oss.mysql.mysqld.plist

In OS X pre-Yosemite (MySQL pre 5.7), run in the terminal:

 sudo /usr/local/mysql/support-files/mysql.server start
 sudo /usr/local/mysql/support-files/mysql.server stop
 sudo /usr/local/mysql/support-files/mysql.server restart

Quite easy :-)


SSH: Public Key - not in PubkeyAcceptedKeyTypes

- by Oleg Ivanchenko

After upgrading to OS X El Capitan and the corresponding upgrade of MacPorts, I ran into a problem with SSH connections using a public key. While debugging:

$ ssh -v hostname

I got:

debug1: Skipping ssh-dss key /Users/<user>/.ssh/id_dsa for not in PubkeyAcceptedKeyTypes

The fix was to add the following line to ~/.ssh/config:

PubkeyAcceptedKeyTypes ssh-dss

However, it was a good trigger to evaluate RSA vs. DSA usage for SSH authentication keys. A good topic for discussion ...
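One way to start that evaluation is to check which key types an account still accepts. The script below is an added example, not part of the original post: it lists the key type of each entry in an authorized_keys-format file and flags ssh-dss entries. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: list the key type of each authorized_keys entry, flag ssh-dss.

# Constructed sample; the blobs are truncated placeholders, not real keys.
write_sample() {
    cat > "$1" <<'EOF'
# constructed authorized_keys sample
ssh-dss AAAAB3NzaC1kc3MAAACBAPconstructed alice@old-laptop
command="echo ssh-dss test",no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructed backup@host
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructed bob@new-laptop
EOF
}

# key_types FILE: print "LINE TYPE COMMENT" for every key entry in FILE.
# Only the common key types are recognised; anything else prints "unparsed".
key_types() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
    {
        types = "^(ssh-(dss|rsa|ed25519)|ecdsa-sha2-nistp(256|384|521))$"
        for (i = 1; i < NF; i++) {
            # Options may precede the type and can contain spaces, so accept
            # a type token only when the next field looks like a key blob
            # (base64 of a length-prefixed string always starts with "AAAA").
            if ($i ~ types && $(i + 1) ~ /^AAAA/) {
                print NR, $i, (i + 2 <= NF ? $(i + 2) : "-")
                next
            }
        }
        print NR, "unparsed", "-"
    }' "$1"
}

# dsa_entries FILE: print only ssh-dss entries; exit status 0 if any exist.
dsa_entries() {
    key_types "$1" | awk '$2 == "ssh-dss" { print; found = 1 }
                          END { exit !found }'
}

# Demo on the constructed sample.
sample=$(mktemp)
write_sample "$sample"
key_types "$sample"
dsa_entries "$sample" >/dev/null && echo "DSA keys present: plan replacement"
rm -f "$sample"
```

To audit a real account, call `dsa_entries ~/.ssh/authorized_keys` on the server side.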


Alert: Bash Code Injection Vulnerability

- by admin

This is really serious: Red Hat Product Security has been made aware of a vulnerability affecting all versions of the Bash package shipped with Red Hat Enterprise Linux. Since many of Red Hat's products run on a base installation of Red Hat Enterprise Linux, there is a risk of other products being impacted by this vulnerability as well.

The same issue was found in Debian 6 and 7.

In order to test if your version of Bash is vulnerable to this issue, run the following command:

$ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"

If the output of the above command looks as follows:

vulnerable
this is a test

you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

$ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

So, UPDATE ASAP! yum update; apt-get upgrade - just do it regularly - every day, just like having coffee :-)

