GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Github dependabot page for project Dropserver for "Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto" CVE-2024-45337

Download link

https://f2.tchncs.de/media_attachments/files/113/642/153/263/003/682/original/d8e75a93f47a8208.png

Notices where this attachment appears

  1. Embed this notice
    Olivier Forget (teleclimber@social.tchncs.de)'s status on Friday, 13-Dec-2024 07:28:23 JST Olivier Forget Olivier Forget

    FYI #Github #Dependabot flags that #Go crypto #vulnerability in your project even if you aren't affected. It checks if you import the package, not if you actually use the affected functions. govulncheck does it correctly.

    Lucky for me that means I don't have to change anything in my project.

    Thanks to @filippo

    In conversation Friday, 13-Dec-2024 07:28:23 JST from social.tchncs.de permalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.