21 research outputs found
VFCFinder: Seamlessly Pairing Security Advisories and Patches
Security advisories are the primary channel of communication for discovered
vulnerabilities in open-source software, but they often lack crucial
information. Specifically, 63% of vulnerability database reports are missing
their patch links, also referred to as vulnerability fixing commits (VFCs).
This paper introduces VFCFinder, a tool that generates the top-five ranked set
of VFCs for a given security advisory using Natural Language Programming
Language (NL-PL) models. VFCFinder yields a 96.6% recall for finding the
correct VFC within the Top-5 commits, and an 80.0% recall for the Top-1 ranked
commit. VFCFinder generalizes to nine different programming languages and
outperforms state-of-the-art approaches by 36 percentage points in terms of
Top-1 recall. As a practical contribution, we used VFCFinder to backfill over
300 missing VFCs in the GitHub Security Advisory (GHSA) database. All of the
VFCs were accepted and merged into the GHSA database. In addition to
demonstrating a practical pairing of security advisories to VFCs, our general
open-source implementation will allow vulnerability database maintainers to
drastically improve data quality, supporting efforts to secure the software
supply chain.
Recommended from our members
The Sociocultural Factors Underlying Latina Mothers' Infant Feeding Practices.
In this study, we examined the sociocultural factors underlying infant feeding practices. We conducted four focus groups with 19 Latina mothers of children 0 to 2 years of age enrolled in Early Head Start programs in the United States over a 1-year period. We found these mothers considered both science- and family-based feeding recommendations. However, advice from family was often inconsistent with science- and nutrition-based recommended feeding practices. In the interest of showing respect and preserving harmonious relationships, some mothers accepted family advice instead of recommended practices while others employed strategies to follow recommended practices without offending. Nutrition educators need to consider the intersection of macro, organizational, and community factors with micro-level processes in shaping the implementation of recommended feeding practices within family systems. Nutrition interventions for Latino families should capitalize on Latina mothers' strategies for navigating multiple information sources while preserving cultural values and family relationships.