SD Times news digest: Rust 1.42.0, Microsoft releases patch for critical security bug, and Sonatype expands support for open-source security and governance
Rust 1.42.0 includes more useful panic messages when unwrapping, subslice patterns, the deprecation of Error::description, and more.
Additionally, Rust said it is downgrading 32-bit targets to Tier 3 support by the project, since Apple no longer supports it either.
More details on the language update are available here.
Microsoft releases patch for critical security bug
Microsoft released an “out of band” security update to address a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests.
The vulnerability applies to Windows 10, version 1903; Windows 10, version 1909; Windows Server, version 1903; and Windows Server, version 1909.
Microsoft said that to be protected from this vulnerability, users must install KB4551762, even if they have installed the security update released on March 10, 2020.
More details on the fix are available here.
Sonatype expands support for open-source security and governance
Sonatype announced that it’s expanding its language coverage within Nexus Lifecycle to include Conan (C/C++), Composer (PHP), and RubyGems (Ruby),
“By continuing to increase support for the most popular component formats, Nexus Lifecycle is helping millions of developers and security professionals to automatically govern open source hygiene across every phase of the SDLC,” Sonatype wrote in a post.
With today’s additions, Nexus Lifecycle now supports 27 programming languages and package formats.
Nullability in Android 11
The nullability feature has been baked into Android 11’s type system. When declaring a reference, users say upfront whether it can hold null values.
“This aspect of Kotlin makes your code safer — if you later call a method or try to access a property on a non-null variable like x, you know you’re not risking a null pointer exception,” Android wrote in a post, which explains the feature in greater detail. “We hear over and over again that this feature of Kotlin gives developers more peace of mind and leads to higher quality apps for end-users.”
The @Nullable annotation ensures that when using the result of getCurrentName in a Kotlin file, you can’t dereference it without a null check.
The post SD Times news digest: Rust 1.42.0, Microsoft releases patch for critical security bug, and Sonatype expands support for open-source security and governance appeared first on SD Times.
Tech Developers
No comments