Great Job!
https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/464/451/116/329/288/original/814b4ab3c55bf412.png
Oh, wow.
Only after pestering the Commvault PSIRT did they update the language of their advisory.
While it still incorrectly says that 11.38.0 - 11.38.19 are affected and that 11.38.20 is resolved (it is not), they've added a section below this misinformation to convey the actual state of the world:
11.38.20 is only patched if it has the SP38-CU20-433 and SP38-CU20-436 additional updates installed.
And 11.38.25 is only patched if it has the SP38-CU25-434 and SP38-CU25-438 additional updates installed.
I cannot think of a behavior that is more vindictive to their customers than to botch language in an advisory so badly, and also to not bother bumping release versions for the fixes for a CVSS 10 EITW vulnerability. 🤦‍♂️
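Because the fixes did not bump the release version, an inventory check that compares version numbers alone will report unpatched 11.38.20 and 11.38.25 hosts as resolved. The following is an added example, not part of the original post or any Commvault tooling: a sketch of a check that also requires the additional updates named above. The host names, the inventory layout and the "unknown" status for versions the post does not mention are assumptions.

```python
import re

# Additional updates each release needs before it counts as patched,
# exactly as listed in the post above.
REQUIRED_UPDATES = {
    (11, 38, 20): {"SP38-CU20-433", "SP38-CU20-436"},
    (11, 38, 25): {"SP38-CU25-434", "SP38-CU25-438"},
}

def parse_version(text):
    """Turn '11.38.20' into (11, 38, 20); reject anything else."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(part) for part in m.groups())

def patch_status(version, installed_updates):
    """Return (status, missing_updates) for one host."""
    v = parse_version(version)
    installed = {u.strip().upper() for u in installed_updates}
    if v[:2] == (11, 38) and v[2] <= 19:
        return "vulnerable", set()       # 11.38.0 - 11.38.19: affected
    if v in REQUIRED_UPDATES:
        missing = REQUIRED_UPDATES[v] - installed
        return ("vulnerable" if missing else "patched"), missing
    # Assumption: the post says nothing about other versions, so do not guess.
    return "unknown", set()

# Constructed sample inventory: (host, reported version, installed updates).
INVENTORY = [
    ("backup-01", "11.38.19", []),
    ("backup-02", "11.38.20", []),
    ("backup-03", "11.38.20", ["SP38-CU20-433"]),
    ("backup-04", "11.38.20", ["SP38-CU20-433", "sp38-cu20-436"]),
    ("backup-05", "11.38.25", ["SP38-CU25-434", "SP38-CU25-438"]),
    ("backup-06", "11.38.22", []),
]

def audit(inventory):
    """Map each host to its (status, missing_updates) result."""
    return {host: patch_status(ver, upd) for host, ver, upd in inventory}

if __name__ == "__main__":
    for host, (status, missing) in audit(INVENTORY).items():
        detail = f" missing: {', '.join(sorted(missing))}" if missing else ""
        print(f"{host}: {status}{detail}")
```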