I think that the OP(the article author) is not looking at this the right way. Like yea it sucks another exploit is found, but it’s not like if it wasn’t found it doesn’t exist.
I think its much better to have them published and fixed then to live in blissful ignorance when someone could be exploiting it in the wild.
It’s listed as medium severity and appears to require the hacker to already have terminal access to the system. It’s also already patched and there’s a quick and easy workaround if your distro doesn’t have the fix yet.
Oh FFS, the rest of my life is doomed to be spent updating software
That’s what we call job security, I suppose.
🌏🧑🚀🔫🧑🚀
Always has been!
But careful not to update too fast and fall on the supply chain attack of the week.
Pretty sure that was in the bible.
Proverbs 25:16 - If you find honey, eat just enough - too much of it, and you will vomit.
Could update that to be: If you find updates, apply them - too soon though, and you will vomit your credentials.
Oh good. Nothing too serious, then.
All found with AI, you haters. And Linus complains the mailing list is too busy… with bugs.
All found with some AI assistance and a lot of human expertise sifting through the hallucinations to work out the actually exploutable stuff. And the AI bug apocalypse has turned up a whole 4 bugs serious bugs so far, ooo scary. I’m still waiting to be impressed.
And that (obviously) is the low hanging fruit. We end up with a more secure kernel, and these filter in at a manageable rate and the bar raises. Pretty damn good scenario IMO.
Closed source is going to have a much worse time.
It’s funny how almost all the AI services out there seem to have forgotten to publish any precision/recall stats.
No one thinks impressing you is a goal.
Easy there Pickle Rick you might cut yourself on that edge lol
It got your attention ;)
Yes, the goal is to impress easily distracted rubes.
Which it has clearly done.
too busy… with bugs.
with duplicate bug reports.
“the continued flood of AI reports has basically made the security list almost entirely unmanageable, with enormous duplication due to different people finding the same things with the same tools.”
Mailing lists, it turns out, is a bad tool.
It’s worked for over 30 years, until the slop generators turned on.
Dunno duder
Times change. I’d say if slop finds exploitable bugs, it’s not slop. And if your 30 year old method of doing something doesn’t work anymore, take a few minutes to make a better solution. 🤷♂️
Why are you like this?
Lemmy has driven me to be an angry person who likes to point out how hypocritical people are.
You should try not sucking at it though.
Sucking is relative. I would have to respect you for that to be an insult.
You’re getting ratio’d pretty hard (by lemmy standards)
You don’t have anyone here’s respect, so why would they care for yours?
I don’t have any concern for votes because I do not display them. Just because you, and several other alt accounts can push a down button doesn’t mean that will ever affect me – because I can’t see it. However, according to you – every single down voted comment is a bad comment regardless of its content. So according to you, if I get downloaded for complaining about, let’s say murdering innocent children, then I must be a bad person. Your logic doesn’t work out buddy.
logic
I didn’t read your message.
Edit: Because you seem a little thick: Because I don’t respect you.
All found with AI, you haters. And Linus complains the mailing list is too busy… with bugs.
All found with my infinite set of monkeys on typewriters.
