use the following search parameters to narrow your results:
e.g. subreddit:pics site:imgur.com dog
subreddit:pics site:imgur.com dog
advanced search: by author, sub...
~5 users here now
Technology and related articles and discussion
Boycott 7-zip: "Limited" Open Source & Security Issues
submitted 1 year ago by [deleted] from nixsanctuary.com
view the rest of the comments →
[–]infocom6502 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 1 year ago (1 child)
I'm not sure if anyone here's aware of it, but there was a recent news spash on a fake CVE submission re 7zip. Somebody took the time to make up an invalid proof of concept and create submissions that ended up s a CVE. This was covered in a linux security podcast last month. This thread also covers it.
https://sourceforge.net/p/sevenzip/discussion/45797/thread/65ce9ab4cb/
It looks like multiple people were involved in what looks like a campaign.
[–]infocom6502 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 1 year ago (0 children)
I found the OSSec podcast i think:
https://opensourcesecuritypodcast.libsyn.com/episode-323-the-fake-7-zip-vulnerability-and-sbom
view the rest of the comments →
[–]infocom6502 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (1 child)
[–]infocom6502 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (0 children)