~sircmpwn/gmni-devel

[gmnisrv] Notice of security vulnerability

Details
Message ID
<CB4IAP9QFTXK.XK4TXZIPDF31@taiga>
DKIM signature
pass
Download raw message
Versions of gmnisrv[0] which were built after commit
ea360fa4c10791c3c720c33470c86923424348fe are vulnerable to a path
traversal exploit, in which a specially crafted Gemini request can be
used to read any file on the host's filesystem.

[0]: https://git.sr.ht/~sircmpwn/gmnisrv

This issue was fixed in commit 0dc0e4432a70eafde69509fde8a29802e46ae712.
Reply to thread Export thread (mbox)