Mastodon Feed
soatok@furry.engineer ("Soatok Dreamseeker") wrote:
Most of the time, vulnerability disclosure is a boring process. To wit: https://ghostarchive.org/archive/zz4yh
I told the developer about some issues found in Conversations.
I had looked at it in 2024 when I wrote Against XMPP+OMEMO but was too busy to verify them until recently. A lot of code had changed since then, and most of the probable bugs from then have since evaporated or were false positives.
Daniel fixed them all in like, 24 hours of me telling him.