Event JSON
{
"id": "7d31e8e62757887b369f8eb7ed9802b8bdfab6ebf76adf5745da885f5958335c",
"pubkey": "1ace4183023bdcb7b5a5cdd66bc466e132e434adb59172ccfb846642760eab8c",
"created_at": 1719983140,
"kind": 1,
"tags": [
[
"t",
"pkgsrc"
],
[
"p",
"e21e58873cf62cc947b00cd059423a6b37f3c191cf4539e418d605ed7e91ade6"
],
[
"e",
"0470082efdfedcfd5792992260a7011264734f4c0634fa27f90a738b9e698fd9",
"",
"reply"
],
[
"p",
"97068843b603e21b17d20462bfa83d6e22effec45ca255ed50cacba366dae859"
],
[
"proxy",
"https://bitbang.social/@overeducatedredneck/112720815076689630",
"web"
],
[
"e",
"f976927f560b052e5ae084c6d2a3e2978d735203ed94ea8f4a041aa4406384fd",
"",
"root"
],
[
"proxy",
"https://bitbang.social/users/overeducatedredneck/statuses/112720815076689630",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://bitbang.social/users/overeducatedredneck/statuses/112720815076689630",
"pink.momostr"
],
[
"expiration",
"1722687718"
]
],
"content": "The Qualys team did their proof-of-concept exploit against glibc+Linux (specifically Debian) systems. They note in the technical write-up that OpenBSD should not be vulnerable due to it having a syslog_r(3) that was designed specifically to block these things. NetBSD ported it from OpenBSD in 4.0, and thus should also be safe.\n\nThat said, best not to leave these things sitting around. (Also, killer job to the #pkgsrc team that snuck the patch in to the 2024Q2 release!)",
"sig": "51041eda8140fd82d34c5eb37fcb4c6b04a08993d1752cf5500c3b07972b640f9a9e45f4c3bd11c30f4ec9e2c6bb02504919680b9693340fec583a5c1db6627b"
}
