Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.

Administered by:

Server stats:

9.5K
active users

hachyderm.io: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.5

Public
musl libc

OpenSSH sshd on musl-based systems is not vulnerable to RCE via CVE-2024-6387 (regreSSHion).

This is because we do not use localtime in log timestamps and do not use dynamic allocation (because it could fail under memory pressure) for printf formatting.

While the sshd bug is UB (AS-unsafe syslog call from signal context), very deliberate decisions we made for other good reasons reduced the potential impact to deadlock taking a lock.

Public
Dušan Mitrović

@musl I'll use musl when most software I use doesn't depend on glibc extensions.

Cassandrich

@dusnm @musl The point isn't always getting you to use it. Use what works for you. Sometimes the point is proving the benefits of the implementation choices we made and encouraging their adoption. A big motivation of musl has always been motivating glibc to be better, so you win even if you don't use it.

Jul 02, 2024, 03:09 AM·Public·Web
5boosts·6favorites
ExploreLive feeds
About