GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    daniel:// stenberg:// (bagder@mastodon.social)'s status on Tuesday, 31-Dec-2024 21:06:32 JST daniel:// stenberg:// daniel:// stenberg://

    the 500th hackerone report to #curl, received 20 hours ago, is a confirmed security issue. Severity LOW. To be announced with the next curl release on February 5, 2025.

    This one hurts my ego. Again.

    In conversation about 2 months ago from mastodon.social permalink
    • Rich Felker repeated this.
    • Embed this notice
      Jeroen Massar (jeroen@secluded.ch)'s status on Tuesday, 31-Dec-2024 21:06:44 JST Jeroen Massar Jeroen Massar
      in reply to

      @bagder if it hurt your ego, it is a bug you will not make again and lesson learnt ;) I tend to read CVEs and more the fixes to learn what classes of bugs are being fixed so to avoid them myself; also do check if similar mistakes have not been made elsewhere if applicable

      In conversation about 2 months ago permalink
      Haelwenn /элвэн/ :triskell: likes this.
    • Embed this notice
      Rich Felker (dalias@hachyderm.io)'s status on Tuesday, 31-Dec-2024 21:08:02 JST Rich Felker Rich Felker
      in reply to
      • Jeroen Massar

      @jeroen @bagder I wish more CVEs clearly identified the mistakes without digging thru 3+ levels of links rather than being filled with bureaucratic boilerplate crap.

      In conversation about 2 months ago permalink
      Haelwenn /элвэн/ :triskell: likes this.
    • Embed this notice
      Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 01-Jan-2025 08:52:23 JST Haelwenn /элвэн/ :triskell: Haelwenn /элвэн/ :triskell:
      in reply to
      • Rich Felker
      • Jeroen Massar
      @dalias @jeroen @bagder Luckily most CVEs I've seen have the commit URL, while for named-vuln-website it's much more horrible to have actual information.
      In conversation about 2 months ago permalink
    • Embed this notice
      Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 01-Jan-2025 11:15:02 JST Rich Felker Rich Felker
      in reply to
      • Haelwenn /элвэн/ :triskell:
      • Jeroen Massar

      @lanodan @bagder @jeroen That's for stuff with public source & version history, and not universal.. but it's better than it used to be.

      In conversation about 2 months ago permalink
      Haelwenn /элвэн/ :triskell: likes this.
    • Embed this notice
      Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 01-Jan-2025 11:17:45 JST Haelwenn /элвэн/ :triskell: Haelwenn /элвэн/ :triskell:
      in reply to
      • Rich Felker
      • Jeroen Massar
      @dalias @bagder @jeroen Right, I almost exclusively stick to floss so I rarely see the proprietary ones unless they're spectacularly bad (like the Palo Alto CVEs of 2024).
      In conversation about 2 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.