Jun 4, 2016
New Zero Day in Wordpress
A new article on Securiblog, informs of a zero day exploit in Wordpress. This exploit comes from the WP Mobile Detector plugin. It allows easy exploit through requests to resize.php and timthumb.php. See Securiblog for request samples they gathered.
It was twenty years ago you see...
OpenBSD's source tree just turned 20 years old.
I recall the import taking about 3 hours on an EISA-bus 486 with two
ESDI drives. There was an import attempt a few days earlier, but it
failed due to insufficient space. It took some time to repartition
the machine.
It wasn't terribly long before David Miller, Chuck Cranor and Niklas
Hallqvist were commiting... then more people showed up.
The first developments were improvements to 32-bit sparc.
Chuck and I also worked on setting up the first 'anoncvs' to make sure
noone was ever cut out from 'the language of diffs' again. I guess
that was the precursor for the github concept these days :-). People
forget, but even FSF was a walled garden at the time -- throwing tar
files with vague logs over the wall every couple months.
I was lucky to have one of the few 64Kbit ISDN links in town,
otherwise this would not have happened. My desktop was a Sparcstation
10; the third machine I had was a very slow 386.
The project is now at:
~322,000 commits
~44 commits/day average
~356 hackers through the years
--
On this day, is my pleasure to give you a song written for the
release by Todd Miller.
http://www.openbsd.org/lyrics.html#58a
It was twenty years ago you see
Theo opened a cvs tree
Made commits to many a file
Joined by others in a very short while
Take a moment to view
The source of all this code
The openbsd cvs repo...
We're the openssh repository
We hope you will enjoy the code
The openntpd repository
But that's not all that's here oh no...
The mandoc 'pository, smtpd 'tory
The libressl repo too
It's wonderful to see the code
Re-used far and wide
The license is so liberal
We'd love for you to code with us
We'd love for you to code...
I don't really want to have to go
But it's hackathon time and so
The coder will commit the code
That he wants all of you to load
So let me introduce to you the one and only Puffy Fish
And the openbsd cvs repo...
B... S... D...
--
(The 5.8 release will be announced and released in a few hours.)
Subscribe to:
Posts (Atom)