↳
In-reply-to
»
(#ucgvfmq) @movq going a little sideways on this, "*If twtxt/Yarn was to grow bigger, then this would become a concern again. But even Mastodon allows editing, so how much of a problem can it really be? 😅*", wouldn't it preparing for a potential (even if very, very, veeeeery remote) growth be a good thing? Mastodon signs all messages, keeps a history of edits, and it doesn't break threads. It isn't a problem there.😉 It is here.
⤋ Read More
@prologic@twtxt.net, there is a parser bug on parent. Specifically on this portion:
"*If twtxt/Yarn was to grow bigger, then this would become a concern again. *But even Mastodon allows editing*, so how
+much of a problem can it really be? 😅*"
@quark@ferengi.one I don’t really mind if the twt gets edited before I even fetch it. I think it’s the idea of my computer discarding old versions it’s fetched, especially if it’s shown them to me, that bugs me.
But I do like @movq@www.uninformativ.de’s suggestion on this thread that feeds could contain both the original and the edited twt. I guess it would be up to the author.
@prologic@twtxt.net I wouldn’t want my client to honour delete requests. I like my computer’s memory to be better than mine, not worse, so it would bug me if I remember seeing something and my computer can’t find it.
What’s new in CRI-O 1.31
Project post originally published on Github by Sascha Grunert The CRI-O maintainers are happy and proud to announce that CRI-O v1.31.0 has been released! This brand new version contains a large list of cool new features, bug fixes and smaller… ⌘ Read more
DietPi August 2024 News (Version 9.7)
The August 2024 release of DietPi v9.7 brings a series of enhancements, bug fixes, and a major kernel upgrade for devices utilizing the RK3588 SoC. This minor update focuses on improving system stability and user experience, particularly for ODROID and NanoPi devices. DietPi: DietPi is a lightweight and optimized operating system based on Linux, tailored […] ⌘ Read more
↳
In-reply-to
»
There is a bug in
⤋ Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net I believe you are not seeing the problem I am describing.
Hit this URL in your web browser:
https://twtxt.net/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
That’s your pod. I assume you don’t have a user named lovetocode999 on your pod. Yet that URL returns HTTP status 200, and generates HTML, complete with a link to https://socialmphl.com/story19510368/doujin, which is not a twtxt feed (that’s where the twtxt.txt link goes if you click it). That link could be to anything, including porn, criminal stuff, etc, and it will appear to be coming from your twtxt.net domain.
What I am saying is that this is a bug. If there is no user lovetocode999 on the pod, hitting this URL should not return HTTP 200 status, and it should definitely not be generating valid HTML with links in it.
Edit: Oops, I misunderstood the purpose of this /external endpoint. Still, since the uri is not a yarn pod, let alone one with a user named lovetocode999 on it, I stand by the belief that URLs like this should be be generating valid HTML with links to unknown sites. Shouldn’t it be possible to construct a valid target URL from the nick and uri instead of using the pod’s /external endpoint?
There is a bug in yarnd that’s been around for awhile and is still present in the current version I’m running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
iOS 17.6.1 & iPad 17.6.1 Released with Bug Fixes
Another day, another round of system software updates, such is the life of a modern Apple device user in this particular era of the two thousand and twenty fourth summer on planet Earth, Anno Domini. As the globe rotates to register a new day, you will be excited to learn that iOS 17.6.1 and ipadOS … Read More ⌘ Read more
MacOS Sonoma 14.6.1 & Ventura 13.6.9 Released with Bug Fixes
If you feel like you have spent a significant amount of your time updating system software on your Apple devices lately, you’re in for a treat; another round of system software updates! This time around, Apple has released MacOS Sonoma 14.6.1 along with MacOS Ventura 13.6.9 for Macs, complete with bug fixes, just one week … [Read More](https://osxdaily.com/2024/08/08/macos-sonoma-14-6-1-ventura-13-6-9-released … ⌘ Read more
MacOS Sonoma 14.6 Update Released with Bug Fixes & Security Updates
Apple has released macOS Sonoma 14.6 for Mac users running the Sonoma operating system. The MacOS Sonoma 14.6 software update primarily focuses on bug fixes and security updates for most Macs, however it does include a nice new feature specifically for the 14″ M3 MacBook Pro series allowing that Mac to support two external displays … [Read More](https://osxdaily.com/2024/07/30/macos-sonoma-14-6-u … ⌘ Read more
MacOS Sonoma 14.6 Update Released with Bug Fixes & Security Updates
Apple has released macOS Sonoma 14.6 for Mac users running the Sonoma operating system. The MacOS Sonoma 14.6 software update primarily focuses on bug fixes and security updates for most Macs, however it does include a nice new feature specifically for the 14″ M3 MacBook Pro series allowing that Mac to support two external displays … [Read More](https://osxdaily.com/2024/07/30/macos-sonoma-14-6-u … ⌘ Read more
Wine Fixes Bugs in Windows 3.1 Software Running on Linux
Including fixes for AOL (seriously!) and 16-bit Civilization 1. A lot of Windows software runs better under Linux than Windows nowadays. ⌘ Read more
iOS 17.6 & iPad 17.6 Released for iPhone & iPad
Apple has issued software updates for iPhone and iPad, versioned as iOS 17.6 and iPadOS 17.6, respectively. The new software updates include bug fixes and security patches, and do not include any new features or changes to the operating systems. iOS 17.6 and iPadOS 17.6 are now the latest final stable builds of operating systems … Read More ⌘ Read more
Updated Beta 4 of iOS 18 & iPadOS 18 Released
Apple has issued updated 4th beta versions for iOS 18 and iPadOS 18. The new build is 22A5316k. It’s unclear what the purpose of the newly released 4th beta build is, but given it’s small size and quick release, it’s reasonable to assume it’s either a bug fix or security patch. If you have already … Read More ⌘ Read more
@prologic@twtxt.net Try hitting this URL:
https://twtxt.net/external?nick=nosuchuser&uri=https://foo.com
Change nosuchuser to any phrase at all.
If you hit https://twtxt.net/external?nick=nosuchuser , you’re given an error. If you hit that URL above with the uri parameter, you can a legitimate-looking page. I think that is a bug.
↳
In-reply-to
»
Hack of the day: running
⤋ Read More
watch -n 60 rm -rf /tmp/yarn-avatar-* in a tmux because all of a sudden, without warning, yarnd started throwing hundreds of gigabytes of files with names like yarn-avatar-62582554 into /tmp, which filled up the entire disk and started crashing other services.
@prologic@twtxt.net Sure, but why would this start happening all of a sudden today? Nothing like this has happened before. Is this a known bug?
Release Candidate for iOS 17.6, macOS Sonoma 14.6, iPadOS 17.6 Available for Testing
Apple has issued the Release Candidate builds for iOS 17.6 for iPhone, ipadOS 17.6 for iPad, and macOS Sonoma 14.6 for Mac. Release Candidate builds are typically the last finalized beta build, which, assuming there are no significant bugs or security issues found, often matches the final version of that software to be released to … [Read More](https://osxdaily.com/20 … ⌘ Read more
Don’t get cocky: CrowdStrike can happen to Linux & Mac too
I know. The Windows Blue Screen of Death is funny. I get it. But don’t forget: Linux & macOS have seen some gnarly similar issues. Including some bugs that granted root access, completely broke graphical systems (like XOrg), and more. Funny Programming Pictures Part XLVIII - CrowdStrike BSOD Edition: ⌘ Read more
ProcessOne: ejabberd 24.02
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– **
DietPi July 2024 News (Version 9.6)
The July 2024 release of DietPi v9.6 introduces new software, enhancements, and bug fixes to enhance user experience and system performance. This update includes the addition of the IRC bouncer software package soju and several improvements across different devices and features. ⌘ Read more
Ignite Realtime Blog: Openfire 4.8.2 Release
Openfire 4.8.2 has landed!
This release addresses a number of issues in the real time collaboration server created by the Ignite Realtime Community that aim to reduce bugs and increase stability and performance.
Interested in getting started? You can [download installers of Openfire here](https://igniterealtime.org/downloads/#op … ⌘ Read more
ProcessOne: ejabberd 24.02
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– ** in the renderer sandbox of Chrome by a single visit to a malicious site.
The post [Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties](https://github.blog/2024-06-26-attack-of-the-cl … ⌘ Read more
Gajim: Gajim 1.9.1
Gajim 1.9.1 introduces a menu button, adds improvements for Security Labels, and fixes some bugs. Thank you for all your contributions!
Since Gajim 1.9.0, you can toggle Gajim’s main menu bar by pressing Ctrl+M. In order to have a proper replacement for when the menu bar is hidden, we added a menu button to the top left, which contains all of the menu bar’s items.
If you are using Security Labels ( XEP-0258) with Gajim, you ca … ⌘ Read more
DietPi June 2024 News (Version 9.5)
DietPi June 2024 News (Version 9.5)
The June 2024 release of DietPi v9.5 introduces exciting new features, significant enhancements, and bug fixes to ensure a more robust and streamlined experience for users of various single-board computers. This version includes the introduction of a new software package, Forgejo, alongside updates tailored to enhance compatibility and performance. ⌘ Read more
10 years of the GitHub Security Bug Bounty Program
Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.
The post 10 years of the GitHub Security Bug Bounty Program appeared first on The GitHub Blog. ⌘ Read more
iOS 17.5.1 & iPadOS 17.5.1 Update Released to Fix Reappearing Deleted Photos Bug
Apple has released a small bug fix update for iPhone and iPad versioned as iOS 17.5.1 and iPadOS 17.5.1. The update specifically aims to fix a very strange bug where deleted photos would randomly reappear on some users devices. Sometimes the photos that reappeared on user devices were deleted many years prior, raising serious questions … [Read More](https://osxdaily.com/ … ⌘ Read more
MacOS Ventura 13.6.7 & macOS Monterey 12.7.5 Updates Available
macOS Ventura 13.6.7 and macOS Monterey 12.7.5 are now available as software updates for Mac users who are not running the macOS Sonoma operating system and the just released MacOS Sonoma 14.5 update. macOS Ventura 13.6.7 and macOS Monterey 12.7.5 focus on security fixes and are not expected to include any significant changes, bug fixes, … [Read More](https://osxdaily.com/2024/05/14/macos-ventura-13-6-7-ma … ⌘ Read more
DietPi May 2024 News (Version 9.4)
DietPi May 2024 News (Version 9.4)
The May, 2024 release of DietPi v9.4 brings several enhancements, new system images, and crucial bug fixes, ensuring a more stable and efficient experience for users of various single-board computers. ⌘ Read more
iOS 17.5 & iPadOS 17.5 Updates Released with Bug Fixes
iOS 17.5 for iPhone, and iPadOS 17.5 for iPad, have been released by Apple. The new software updates are available with bug fixes, security enhancements, enhancements to Apple News, and a new Pride Radiance wallpaper from Apple to celebrate the LGBTQIA2S++ communities for Pride month. Separately, updates are also available for watchOS 10.5, tvOS 17.5, … [Read More](https://osxdaily.com/2024/05/13/ios-17-5-ipados-17-5-update-download … ⌘ Read more
MacOS Sonoma 14.5 Update Released with Security Fixes
Apple has released MacOS Sonoma 14.5 for Mac users running the Sonoma operating system. The MacOS 14.5 update includes bug fixes, security enhancements, and some changes and improvements to add various word games to the paid Apple News+ service. Mac users running earlier versions of system software will find MacOS Ventura 13.6.7 and MacOS Monterey … [Read More](https://osxdaily.com/2024/05/13/macos-sonoma-14-5-update-released- … ⌘ Read more
DietPi April 2024 News (Version 9.3) & Open Beta Version 9.4.0
DietPi recently released version 9.3, followed by Open Beta v9.4.0, with both updates introducing new features, enhancements, and bug fixes to the lightweight Linux distribution. DietPi: DietPi is a lightweight and optimized OS based on Linux, specifically designed for single-board computers and small-scale devices. It aims to provide a minimal and efficient environment for running […] ⌘ Read more
Ignite Realtime Blog: Smack 4.4.8 released
We are happy to announce the release of Smack 4.4.8, our XMPP-client library for JVMs and Android. For a high-level overview of what’s changed in Smack 4.4.8, check out Smack’s changelog
Smack 4.4.8 contains mostly small fixes. However, we fixed one nasty bug in Smack’s reactor causing an, potentially endless, busy loop. Smack’s new connection infrastrucutre makes heavy use of the reactor, tha … ⌘ Read more
ProcessOne: ejabberd 24.02
🚀 Introducing ejabberd 24.02: A Huge Release!
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– 🌐 Matrix Federation Unleashed: Imagine seamlessly connectin … ⌘ Read more
MacOS Sonoma 14.4.1 Update Released with Bug Fixes & Security Updates
Apple has released macOS Sonoma 14.4.1 as an update for Mac users running the Sonoma operating system. The software update includes bug fixes and security enhancements, and appears to resolve the USB hub and external monitor issues that some Mac users were experiencing with macOS Sonoma 14.4 update. Separately, macOS Ventura 13.6.6 is also available … [Read More](https://osxdaily.com/2024/03/ … ⌘ Read more
iOS 17.4.1 Update Released for iPhone & iPad
Apple has issued iOS 17.4.1 update for iPhone, and iPadOS 17.4.1 update for iPad. The software updates include bug fixes and security enhancements for iPhone and iPad. Additionally, there’s an update available for Apple Vision Pro’s VisionOS 1.1.1, for users who have the spatial computing headset. How to Download & Install iOS 17.4.1 / iPadOS … Read More ⌘ Read more
DietPi March 2024 news (version 9.2)
DietPi, a lightweight and optimized software for single-board computers, has announced its latest update, version 9.2, released on March 16th, 2024. This new release introduces a range of enhancements and bug fixes, focusing on improving user experience and system stability. DietPi: DietPi is a lightweight and optimized OS based on Linux, specifically designed for single-board […] ⌘ Read more
PSA: hvis du har en underlig ikke-rooted android (feks en google-fri android eller lineage OS) og gerne vil have det nye #mobilepay til at virke, kan du bruge det her workaround til en bug i deres elendige root-detection software
https://github.com/scottyab/rootbeer/issues/181#issuecomment-1735171558 ⌘ Read more
MacOS Sonoma 14.4 Update Released with New Emoji & Bug Fixes
MacOS Sonoma 14.4 update has been released by Apple for Mac users running the Sonoma operating system. The macOS Sonoma 14.4 update includes cutting edge new Emoji icons like a mushroom, lime, phoenix, broken chain, and shaking heads, along with new versions of existing Emoji icons that face the opposite direction. Additionally, there’s support for … [Read More](https://osxdaily.com/2024/03/07/macos-sonoma-14- … ⌘ Read more
iOS 17.4 Update Released to Download with New Emoji, Podcasts Transcripts, & Bug Fixes
Apple has released iOS 17.4 update for iPhone, and ipadOS 17.4 update for iPad. The iOS/iPadOS 17.4 updates feature new Emoji icons including a phoenix and mushroom, a podcasts transcription feature, a handful of bug fixes and security updates, along with some minor additions and changes. European users also gain some specific new capabilities that … [Read More](https://osxdaily.com/2024/03/05/ios-17-4-update-dow … ⌘ Read more
Armbian Project Releases Armbian 24.2 ‘Kereru’
The Armbian community has recently announced the release of Armbian 24.2, codenamed ‘Kereru’. This update represents the latest development in the Armbian series, a Linux distribution that specializes in running on ARM-based devices. Armbian 24.2 Kereru includes several enhancements and bug fixes aimed at improving the stability and functionality of the operating system. Major Highlights […] ⌘ Read more
ProcessOne: ejabberd 24.02
🚀 Introducing ejabberd 24.02: A Huge Release!
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– 🌐 Matrix Federation Unleashed: Imagine seamlessly connectin … ⌘ Read more
ProcessOne: ejabberd 24.02
🚀 Introducing ejabberd 24.02: A Huge Release!
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– 🌐 Matrix Federation Unleashed: Imagine seamlessly connectin … ⌘ Read more
ProcessOne: ejabberd 23.01
Almost three months after the previous release, ejabberd 23.01 includes many bug fixes, several improvements and some new features.
A new module, mod_mqtt_bridge, can be used to replicate changes to MQTT topics between local and remote servers.
A more detailed explanation of those topics and other features:
Erlang/OTP 19.3 discouragedRemember that support for Erlang/OTP 19.3 is discouraged, and will b … ⌘ Read more
ProcessOne: ejabberd 24.02
🚀 Introducing ejabberd 24.02: A Huge Release!
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– 🌐 Matrix Federation Unleashed: Imagine seamlessly connectin … ⌘ Read more
ProcessOne: ejabberd 23.04
This new ejabberd 23.04 release includes many improvements and bug fixes, as well as some new features.
- Many SQL database improvements
mod_mamsupport for XEP-0425: Message Moderation
- New
mod_muc_rtbl, Real-Time Block List for MUC rooms
- Binaries useErlang/OTP 25.3, and changes in containers
A more detailed explanatio … ⌘ Read more
ProcessOne: ejabberd 24.02
🚀 Introducing ejabberd 24.02: A Huge Release!
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– 🌐 Matrix Federation Unleashed: Imagine seamlessly connectin … ⌘ Read more
ProcessOne: ejabberd 24.02
🚀 Introducing ejabberd 24.02: A Huge Release!
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– 🌐 Matrix Federation Unleashed: Imagine seamlessly connectin … ⌘ Read more
ProcessOne: ejabberd 24.02
🚀 Introducing ejabberd 24.02: A Huge Release!
ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We’ve packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.
– 🌐 Matrix Federation Unleashed: Imagine seamlessly connectin … ⌘ Read more