News Reporter@lemmy.wtfB to

Free OpenSource Software @infosec.pubEnglish · 6 days ago

Abusing Git branch names to compromise a PyPI package

1

cross-posted to:
hackernews@lemmy.bestiver.se

2

Abusing Git branch names to compromise a PyPI package

News Reporter@lemmy.wtfB to

Free OpenSource Software @infosec.pubEnglish · 6 days ago

1

cross-posted to:
hackernews@lemmy.bestiver.se

Abusing Git branch names to compromise a PyPI package [LWN.net]

Chat

JasminIstMuede@lemmy.blahaj.zone
link
fedilink
English
arrow-up
1·
3 days ago
I’m kind of shocked something like this could even happen. At the very least it’s a lesson in sanitization I suppose.

Free OpenSource Software @infosec.pub

foss@infosec.pub

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !foss@infosec.pub

A group for FOSS enthusiasts sharing news and projects on Free and Open Source Software and Operating Systems, including GNU/Linux, Android, applications, and more.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

27 users / day
130 users / week
525 users / month
692 users / 6 months
3 local subscribers
182 subscribers
636 Posts
105 Comments
Modlog

mods:
TuxBot@infosec.pub