joernchen (@joern@threatactor.club)

Single post

jump to replies

Patch you Gits!

End of last year I had the big pleasure to work with @marver and @mumblegrepper in a code review of Git.

Here's what we got for you:

https://www.openwall.com/lists/oss-security/2023/01/17/4

https://x41-dsec.de/security/research/job/news/2023/01/17/git-security-audit-ostif/

Published: Jan 17, 2023, 18:13
Visibility: Public
Replies: 4

Language: English
Favourites: 39
Reblogs: 48

6 replies

back to top

mumblegrepper @mumblegrepper@flokinet.social

@joern @marver looking forward to work with you two again

Published: Jan 17, 2023, 18:20
Visibility: Public
Replies: 1

Favourites: 1
Reblogs: 0

Markus Vervier 👾 @marver@mastodon.social

@mumblegrepper @joern hopefully not too long until we do it again! :-)

Published: Jan 17, 2023, 21:55
Visibility: Public

Replies: 0
Favourites: 1
Reblogs: 0

Joxean Koret (@matalaz) @joxean@mastodon.social

@joern @marver @mumblegrepper great work folks!

Published: Jan 17, 2023, 18:20
Visibility: Public

Replies: 0
Favourites: 1
Reblogs: 0

Alex Coventry @alx@mastodon.mit.edu

@joern @marver @mumblegrepper ☝️ Potential #git #rce's. #infosec.

(Hashtags for greater potential visibility.)

Published: Jan 17, 2023, 21:27
Visibility: Public

Replies: 0
Favourites: 0
Reblogs: 0

lj·rk @ljrk@todon.eu

@joern @marver @mumblegrepper Does

`git bundle create --progress` and
`git bundle verify -q` still lead to a segfault?

Published: Jan 17, 2023, 23:06
Visibility: Public
Replies: 1

Favourites: 0
Reblogs: 0

Markus Vervier 👾 @marver@mastodon.social

@ljrk I wouldn't bet against it ;-)

Published: Jan 18, 2023, 14:53
Visibility: Public

Replies: 0
Favourites: 0
Reblogs: 0