npub19z…spj90 on Nostr: I'm, uh, "pleased" to report that the vulns found in Ubuntu's needrestart program are ...
I'm, uh, "pleased" to report that the vulns found in Ubuntu's needrestart program are _not_ memory safety C problems!
They are instead a shitshow of environment variable management problems. Did you know this program runs both Python _and_ Ruby interpreters in attacker-controlled environments? I SURE DIDN'T
https://www.bleepingcomputer.com/news/security/ubuntu-linux-impacted-by-decade-old-needrestart-flaw-that-gives-root/
They are instead a shitshow of environment variable management problems. Did you know this program runs both Python _and_ Ruby interpreters in attacker-controlled environments? I SURE DIDN'T
https://www.bleepingcomputer.com/news/security/ubuntu-linux-impacted-by-decade-old-needrestart-flaw-that-gives-root/