Conversation

Notices

1. Embed this notice
   Pleroma-tan (kirby@lab.nyanide.com)'s status on Monday, 01-Jul-2024 19:53:56 JST Pleroma-tan
   Oh yeah. People openssh has an rce thing right now. I'm not sure when it was first reported on but update your fucking systems.
   • Embed this notice
     Pleroma-tan (kirby@lab.nyanide.com)'s status on Monday, 01-Jul-2024 19:54:56 JST Pleroma-tan

     in reply to

     • hanno
     Here's that post from chaos dot social I saw that made me update lab
     
     🚨 KLAXON NOISES 🚨
     "unauthenticated remote code execution as root in OpenSSH" is a term that means I don't fuckin' need my morning coffee any more.
     Qualys report: https://www.openwall.com/lists/oss-security/2024/07/01/3
     Release notes: https://www.openssh.com/releasenotes.html#9.8p1
     And a tip o' the hat to @hanno for the initial post about it: https://mastodon.social/@hanno/112710324891813998
     Go forth and patch your shit!
   • Embed this notice
     meso [netzsphaere era] (meso@netzsphaere.xyz)'s status on Monday, 01-Jul-2024 20:04:54 JST meso [netzsphaere era]

     in reply to

     • hanno
     @kirby @hanno >OpenBSD is not vulnerable.
     classic
     Pleroma-tan likes this.
   • Embed this notice
      (mint@ryona.agency)'s status on Monday, 01-Jul-2024 20:05:37 JST 

     in reply to
     @kirby Not my problem.
     Screenshot_20240701_140447.png
     Pleroma-tan likes this.
   • Embed this notice
      (mint@ryona.agency)'s status on Monday, 01-Jul-2024 20:11:19 JST 

     in reply to
     @kirby It was still stable (not unstable) when I installed it.
     Pleroma-tan likes this.
   • Embed this notice
     Pleroma-tan (kirby@lab.nyanide.com)'s status on Monday, 01-Jul-2024 20:11:20 JST Pleroma-tan

     in reply to

     • 
     @mint people using way too old legacy systems win again
   • Embed this notice
     Pleroma-tan (kirby@lab.nyanide.com)'s status on Monday, 01-Jul-2024 20:15:49 JST Pleroma-tan

     in reply to

     • 
     @mint well not exactly legacy but still too fuckin old
   • Embed this notice
     menherahair (menherahair@eientei.org)'s status on Monday, 01-Jul-2024 20:31:57 JST menherahair

     in reply to
     @kirby "ssh shouldn't be exposed to the internet" vindicated again
     Pleroma-tan likes this.
   • Embed this notice
     Pleroma-tan (kirby@lab.nyanide.com)'s status on Monday, 01-Jul-2024 20:34:04 JST Pleroma-tan

     in reply to

     • menherahair
     @menherahair back from the dead aren't ya. aka your break you talked about is over
   • Embed this notice
     menherahair (menherahair@eientei.org)'s status on Monday, 01-Jul-2024 20:35:32 JST menherahair

     in reply to
     @kirby it kinda sucked I just ended up hanging on agora road instead but that place is gay
     Pleroma-tan likes this.
   • Embed this notice
     Phantasm (phnt@fluffytail.org)'s status on Monday, 01-Jul-2024 20:38:08 JST Phantasm

     in reply to

     • 
     @kirby @mint I'm still running an 8.0 release. These new exploits are the reason why I don't bother running new OS releases on servers in general and wait until the version is near EOL.
     Pleroma-tan likes this.
   • Embed this notice
     hirohito (hiro@mstdn.starnix.network)'s status on Monday, 01-Jul-2024 21:19:22 JST hirohito

     in reply to

     @kirby > OpenBSD systems are unaffected by this bug, as OpenBSD developed a secure mechanism in 2001 that prevents this vulnerability.

     lincucks loses again

     Pleroma-tan likes this.
   • Embed this notice
     Pleroma-tan (kirby@lab.nyanide.com)'s status on Monday, 01-Jul-2024 21:19:33 JST Pleroma-tan

     in reply to

     • hirohito
     @hiro :openbsd:
   • Embed this notice
     þernia (pernia@cum.salon)'s status on Saturday, 06-Jul-2024 08:20:14 JST þernia

     in reply to
     @kirby nope. also we're gonna rape you
     Pleroma-tan likes this.