GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Julio J. 🀲 (j3j5@hachyderm.io)'s status on Wednesday, 24-Apr-2024 17:57:19 JST Julio J. 🀲 Julio J. 🀲

    tl;dr: upgrade glibc on your servers!

    Summing it up, there's a vulnerability (CVE-2024-2961) on glibc that, apparently, can be used to get RCE on servers running PHP.
    It's recommended that you update glibc to a patched version.

    https://security-tracker.debian.org/tracker/CVE-2024-2961
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-2961

    There's an upcoming talk on May 10 where the researcher will explain how it was used to hack PHP servers.

    https://www.offensivecon.org/speakers/2024/charles-fol.html

    #PHP #glibc #iconv

    In conversation about a year ago from hachyderm.io permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Invalid Bug ID
    2. Domain not in remote thumbnail source whitelist: www.offensivecon.org
      Charles Fol | OffensiveCon
    • Haelwenn /элвэн/ :triskell: likes this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.