lnl on Nostr: subscribing to oss-security@ be like "Excessive time spent checking invalid RSA ...
subscribing to oss-security@ be like "Excessive time spent checking invalid RSA public keys", "Reflected XSS except it does not execute due to CSP", and then you become :cerealspit: seeing "backdoor in upstream xz/liblzma leading to ssh server compromise" notification
(if this is how you learned,
https://openwall.com/lists/oss-security/2024/03/29/4)
Published at
2024-03-29 17:54:23Event JSON
{
"id": "139ad53583c0990f6760fac75ea9ab807b02ae422e479bbf93190e298035e763",
"pubkey": "40f28b879ca42849b10da452551ea8ae6e04139402d45625119d2ff95bc9378f",
"created_at": 1711734863,
"kind": 1,
"tags": [
[
"proxy",
"https://screaminginsi.de/users/lnl/statuses/01HT5NJDH1FYSA1HJRH8HZW9J6",
"activitypub"
]
],
"content": "subscribing to oss-security@ be like \"Excessive time spent checking invalid RSA public keys\", \"Reflected XSS except it does not execute due to CSP\", and then you become :cerealspit: seeing \"backdoor in upstream xz/liblzma leading to ssh server compromise\" notification\n\n(if this is how you learned, https://openwall.com/lists/oss-security/2024/03/29/4)",
"sig": "6b594e2821bbec4def6ccfe81d3e50bb04644265f429f7fd658aacc2db0863ff5b9e07d32cdc385fcaf2f623f48c34a7fc8c11f662d367d2518b4766a47fe3e0"
}