Re: [oss-security] blocking weird file names (was: xterm terminal crash due to malicious character sequences in file name)

2025-08-18, Jacob Bachmeyer
On 8/17/25 20:44, David A. Wheeler wrote: [...] I proposed forbidding such characters to POSIX. They *did* add a few mechanisms to POSIX to make it somewhat easier to handle filenames with control characters (e.g., find -print0 and xargs -0). However, although they do not *require* that operati

Re: [oss-security] RSYNC: 6 vulnerabilities

2025-08-18, Alan Coopersmith
On 1/14/25 08:53, Nick Tait wrote: Hello OSS-security, Two independent groups of researchers have identified a total of 6 vulnerabilities in rsync. In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the

[oss-security] CVE-2025-53192: Apache Commons OGNL: Expression Injection leading to RCE

2025-08-18, Arnout Engelen
Severity: moderate Affected versions: - Apache Commons OGNL: all versions Description: ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Og