-
**Describe the bug**
K3s binary has directory traversal (or path traversal) vulnerability.
**To Reproduce**
1. Deploy the K3s environment.
2. Configure the kubeconfig on another host to access t…
-
Coinbase has kindly offered to support the [Node.js ecosystem bug bounty program](https://hackerone.com/nodejs-ecosystem) with a cash donation. We hashed out several ad-hoc ideas in an e-mail thread b…
-
@nodejs/tsc @nodejs/security @nodejs/security-wg:
There are many businesses who depend on Node.js core that would benefit from the ability to have responsible early disclosure of security vulnerabi…
-
`IStorageChannels` currently has some kind of weird support for catching out-of-memory errors, and setting a flag to disallow creation of more channels ([see here](https://github.com/sociomantic-tsuna…
-
Dear maintainers, I'm reading here:
https://github.com/LibreSignal/LibreSignal/issues/28#issuecomment-207661671
that the people behind f-droid are willing to have LibreSignal distributed there.
What…
-
[(Join the Inflation Funding Working Group)](https://t.me/joinchat/DwEd_xahL5hHvzNYH2RnQA)
# ERC 1789 — Stable Funding for Open Source Maintainers
## A Proposal for Inflation Funding for Protocol …
-
If someone wants to fix the security issues flagged by Github in the bus-sms and courtbot repos, let me know and I'll add you as an admin to the repo so you can see the issues, fix them, and then make…
-
Today, `dep`'s primary target is Go's public, FLOSS ecosystem. The public ecosystem is the necessary shared baseline use case that must be satisfied.
Necessary...but not sufficient. Supporting priv…
-
So thinking about https://twitter.com/zooko/status/683215080859680768 again, makes me think of something else that we could potentially put into Zcash-1.0:
Once there are six 10-minute blocks (or, if…
-
Activity on all channels related to this repo ( Slack, Gitter, and here ) seem to have dropped off a while ago, picked up for a brief moment a few months ago, then dropped off again. There are many p…