rubin

@rubin@lemmy.sdf.org

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨ICEBlock handled my vulnerability report in the worst possible way⁩ ⁨⁨20⁩ ⁨hours⁩ ago⁩:
This security researcher is just wrong. The version of apache running is likely in a ‘stable’ release where critical CVEs are fixed by back-porting patches to the same older version of software. Also, if I’m reading correctly, the vulnerability he cites is dependent on malicious behavior of apps hosted behind the vulnerable server. His would likely not meet this criteria, so the vulnerability does not affect his use case.

It is the blogger, IMO, who is participating in ‘theater’. A little knowledge is a dangerous thing.