Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 8 Aug 2023 15:13:24 +0200
From: Solar Designer <solar@...nwall.com>
To: Rafael Silva <rafael.silva@...rform.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: Fwd: Node.js security updates for all active release lines, August 2023

Hi,

Something weird has happened with the below message.  Per the headers,
it looks like it was resent to oss-security by a third-party(?) still on
July 31, but it actually only hit our mail server today.  I also wonder
why it wasn't(?) sent directly by Rafael, as the previous one was:

https://www.openwall.com/lists/oss-security/2023/06/14/4

Anyway, Rafael, let me also use this opportunity to ask you to please
include actual detail (such as text/plain copy-paste of the blog posts)
directly in your messages going forward, if you can.  Please also do
include the blog links, but ideally not only links.

Thanks,

Alexander

On Mon, Jul 31, 2023 at 07:49:27AM -0700, Rafael Silva wrote:
> 
> 
> 
> 
> ---------- Forwarded message ---------
> From: Rafael Silva <rafael.silva@...rform.com>
> Date: Monday, July 31, 2023 at 11:48:26???AM UTC-3
> Subject: Node.js security updates for all active release lines, August 2023
> To: nodejs-sec <nodejs-sec@...glegroups.com>
> 
> 
> 
> 
> The Node.js project will release new versions of all supported release 
> lines on or shortly after Tuesday, August 8th, 2023.
> 
> 
> For more information see: 
> https://nodejs.org/en/blog/vulnerability/august-2023-security-releases/

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.