tofu@lemmy.nocturnal.garden to Selfhosted@lemmy.worldEnglish · edit-26 hours agoRemote Code Execution in Forgejo?dustri.orgexternal-linkmessage-square26fedilinkarrow-up185arrow-down110
arrow-up175arrow-down1external-linkRemote Code Execution in Forgejo?dustri.orgtofu@lemmy.nocturnal.garden to Selfhosted@lemmy.worldEnglish · edit-26 hours agomessage-square26fedilink
minus-squarenon_burglar@lemmy.worldlinkfedilinkEnglisharrow-up7arrow-down1·15 hours agoI don’t really see what is so bad here… There was disclosure of type, but no reference to the exact code. This gives the maintainer a chance to reach out for specifics before bad actors can make a pseudo-zero day. Is it the language you object to?
minus-squarewarm@kbin.earthlinkfedilinkarrow-up5arrow-down1·12 hours agoThe entire attitude is shit. Could just contact the developers as outlined, instead of being a prude about it for some clout.
I don’t really see what is so bad here… There was disclosure of type, but no reference to the exact code. This gives the maintainer a chance to reach out for specifics before bad actors can make a pseudo-zero day.
Is it the language you object to?
The entire attitude is shit. Could just contact the developers as outlined, instead of being a prude about it for some clout.