Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mstdn.io/users/wolf480pl/statuses/114343930701437371">Wolf480pl (wolf480pl@mstdn.io)'s status on Wednesday, 16-Apr-2025 05:50:54 JST</a><a href="https://mstdn.io/@wolf480pl" title="wolf480pl@mstdn.io"><img src="https://gnusocial.jp/avatar/6007-48-20250211223719.webp" width="48" height="48" alt="Wolf480pl" style="position: absolute; left: 0; top: 0;">Wolf480pl</a><div><a href="https://queer.hacktivis.me/objects/d4685586-9850-4f7b-be71-a7e1ef7e0e3a" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/19973" title="domi@donotsta.re">Tulip ?️‍⚧️</a></li></ul></div></section><article><p><a href="https://queer.hacktivis.me/users/lanodan">@lanodan</a> <a href="https://donotsta.re/users/domi">@domi</a> <br>I think part of the problem with CVEs is that they serve two purposes without people realizing.</p><p>Similar to how issue trackers ended up serving as both a todo list / task management database, and as a defect database, leading to the shitshow called stalebot.</p><p>In case of CVEs, that'd be a difference between "this can definitely be exploited" and "this might be exploitable so apply the bugfix just in case" - IMO both are needed but for different purposes.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4899919#notice-9599222">In conversation</a><time datetime="2025-04-16T05:50:54+09:00" title="Wednesday, 16-Apr-2025 05:50:54 JST">about 2 months ago</time> <span>from <span><a href="https://mstdn.io/@wolf480pl/114343930701437371" rel="external" title="Sent from mstdn.io via ActivityPub">mstdn.io</a></span></span><a href="https://mstdn.io/@wolf480pl/114343930701437371">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4470709">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Wolf480pl (wolf480pl@mstdn.io)'s status on Wednesday, 16-Apr-2025 05:50:54 JSTWolf480pl
in reply to
- Haelwenn /элвэн/ :triskell:
- Tulip ?️‍⚧️
@lanodan @domi
I think part of the problem with CVEs is that they serve two purposes without people realizing.
Similar to how issue trackers ended up serving as both a todo list / task management database, and as a defect database, leading to the shitshow called stalebot.
In case of CVEs, that'd be a difference between "this can definitely be exploited" and "this might be exploitable so apply the bugfix just in case" - IMO both are needed but for different purposes.
In conversationabout 2 months ago from mstdn.iopermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice