Notices tagged with gnu, page 3

2.7までのGNU inetutilsに含まれるtelnetdに、細工した環境変数を送信するだけで認証を回避して特権ユーザーでのログインが可能な脆弱性が発見されらしい。CVE-2026-24061。いまどきtelnetdをThe Internetに露出している人はそうそういないはずとはいえ、なかなか興味深いので調べてみたところ。`telnetd`が`execv()`で呼び出す`/usr/bin/login`のコマンドラインオプションをうまく使うことでそういうことができてしまうようで、正直興奮した。

https://www.safebreach.com/blog/safebreach-labs-root-cause-analysis-and-poc-exploit-for-cve-2026-24061/

#CVE #GNU #inetutils #login #telnetd #サイバーセキュリティ #セキュリティ #情報セキュリティ #脆弱性

GNU Guix 1.5.0 is now here, featuring lots of great new features, including ISO-9660 installation images and virtual machine images! https://u.fsf.org/4a9 #GNU #GUIX

GNU Guix 1.5.0 is now released!

https://guix.gnu.org/blog/2026/gnu-guix-1.5.0-released/

#guix #gnu #guile

@sysedit @fsf@hostux.social Mismanagement by the FSF for not providing adequate infrastructure for the #GNU project.

There was some vague promises to “fix” things, over the course of ten years… we was promised a new forge, new hardware, but what we got was worse; @FSF employees micromanaging the GNU project and harassing hackers. @iank

@sysedit @viz or a better example, #GNU #Lilypond.

Images in info has been a thing for some 20 years.

Enjoy this remote root exploit in telnetd! #telnet #gnu https://lists.gnu.org/archive/html/bug-inetutils/2026-01/msg00004.html

@xgranade > I'm pointing out that the GPL correctly recognizes that users can be subjugated when a copy is made

Users _CANNOT_ be subjugated if they use the #GNU GPL.

That is the whole point of the GPL.

@dave

Our associate members allow us to continue to be the preeminent free licensing resource for #FreeSoftware developers, protect and maintain the infrastructure for the #GNU project and other free software projects, and strengthen our advocacy campaigns that seek to secure the future of a free society. Join us today: https://www.fsf.org/join #FSF #FSFTable

Street art in #Paris is weird these days.
#Debian #GNU/#Linux

Computers in 2026, have little point. We cannot write #FreeSoftware for them, the @fsf actively hinders the #GNU project with dead beat projects like LibrePhoolery, refuses to keep basic infra structure running, blocks #GNU maintainers from talking about these issues. The FSF president @iank prefers to sit in silence and not do anything.

We have pointless garbage like VomitBots.

Maybe 2026 is when I stop enjoying a craft that I’ve been in love with for 40 years.

@petealexharris but all that #LLM generated code has to be considered #GNU #GPL, because GNU General Public License code was certainly included in all the training sets. Clause 5(c) applies.

#FreeSoftware

https://www.gnu.org/licenses/gpl-3.0.en.html

Anyone else affected by the constant #gnu dot org outtages? I wanted to sign up to Savannah but they are not sending the sign-up mail. Half the time I try to open a page on their server it does not load. It has been like this for at least a week.

What is there to do? Just create a permanent fork for the GNU projects I want to fix on my Codeberg?

#freesoftware #development

@sysedit Yes. The @fsf doesn’t care about fixing GNU infrastructure. Several GNU projects have migrated out of Savannah already.

In fact, if you can help them move that would be great. #FSF #GNU

The December #GNU Spotlight by Amin Bandali is now available! Read it here: https://www.fsf.org/blogs/community/2026-december-gnu-spotlight #FSF #GNUPG #a2ps

Happy #GNU Year!

I feel the recognition of the GNU project has remained limited to the core utilities rather than a complete operating system.

I think #FSF should think about shipping a GNU/Linux-Libre distribution to spread the ethical ideas of software freedom and demonstrate the practicality of the ethics. @iank

Or can we consider / declare #Guix as our official GNU operating system?

#SoftwareFreedom #LibreSoftware

Happy Gnu Year! Here is to a new year of enjoying software that respects your freedom to use it as you wish, study it to learn how it works, modify it to better meet your needs, and share it with others! #GNU #FreeAndLibreOpenSourceSoftware #fsf

@p @graf@poa.st it's not quite true, for quite a long time. For example, Systemd is not made by the GNU team. There's a ton of other examples. GNOME, for example, is no longer a part of GNU since 2019. KDE was never a GNU project.

So, Linux is an OS in itself. Yes, it does use the work of the GNU team, but it's much bigger than GNU.

#foss #gnu #linux

Want to see your name on the #GNU #CopyrightAssignment list? Contribute to #GNU and assign your copyright to the #FSF today: u.fsf.org/xe