- cross-posted to:
- security@lemmy.ml
- cross-posted to:
- security@lemmy.ml
You must log in or register to comment.
Glad I only run Alpine
"A qsort vulnerability is due to a missing bounds check and can lead to memory corruption. It has been present in all versions of glibc since 1992. "
This one amazes me. Imagine how many vulnerabilities future researchers will discover in ancient software that persisted/persist for decades.
That’s why you need to rock and roll
(Arch btw.)
Try having
unattended-upgradeswith a rolling distro.Man, I do this all the time. snapper and grub-btrfs has enabled all kinds of amazing things. I’m so close to just doing:
$ sudo crontab -l * * 3 * * pacman -Syu --no-confirmI’ve got separate offline backups and rescue disks, but I’m pretty confident that grub-btrfs will let me recover pretty quickly.
grub-btrfs with timeshift didn’t helped me in my upgrade from fedora 38 to 39, when i rolled back with grub-btrfs, what loaded was weird mix of 38 and 39, that didn’t even let me browse my filesystem, got to disassemble laptop, get out ssd, use it as external, and even then half of the ssd was locked, ssd was new and chmod didn’t helped, even from live usb, had to copy files with testdisk and dd zero’s on whole disk for it to work again
Security-critical C and memory safety bugs. Name a more iconic duo…
I’d have kinda preferred for public disclosure to have happened after the fix propagated to distros. Now we get to hurry the patch to end-users which isn’t always easily possible. Could we at least have a coordinated disclosure time each month? That’d be great.
