Look, I’m not a fan of them either, but you can’t go around referring to members of parliament that way.
Look, I’m not a fan of them either, but you can’t go around referring to members of parliament that way.
I agree with that assessment, and tbh I’m happy for it
The questionable commit:
{
// Add the first line of localized text...
cupsFilePrintf(fp, "*%s.%s %s/", lang->language, ppd_option, ppd_choice);
while (*text && *text != '\n')
{
// Escape ":" and "<"...
if (*text == ':' || *text == '<')
cupsFilePrintf(fp, "<%02X>", *text);
else
cupsFilePutChar(fp, *text);
text ++;
}
cupsFilePuts(fp, ": \"\"\n");
}
Can someone explain to me how this allows arbitrary code execution? As far as I can see, all it does iterate through a string and markup some special characters.
Edit: Okay, after reading the blog post, and this fantastic bug report, it sounds like to print to a CUPS server, you send it a message on port 631 using an IPP (some print protocol) server. CUPS then requests attributes of the IPP server, one of which being the print filter command to run (“Foomatic-rip”) to use to convert a PS or PDF into native print code. By requesting attributes, an exploit involving string escaping through the use of unexpected spaces or quotes can override the Foomatic print command. Arbitrary text can be supplanted, which will then be executed by the CUPS server.
Fuck blue LED’s in general. No I don’t want to be able to see my Wifi repeater doubling as an adult nightlight.
Luxury, my dad took mine off the hinges due to my online activities
Bulldoze the community garden and replace it with glass
This is my sermon
This is my sermon
This is my sermon
I’m quite a big fan of perplexity AI, which shows you sources it used to generate the answers. One thing I often do is type a question, glance the automated answer and then jump to the source to see what the users said (basically I use it like a tailored search engine)
Admittedly, there’s nothing stopping the company from throwing up fake sources to “legitimize” their answers, but I think that once models become more open (e.g. AMD’s recent open weights addition is an amazing leap forward) it will be harder to slip in fake sources
Exactly. Is it just a webpage served up with some native UI buttons to make it look more glossy? Are app permissions implemented as separate system users under POSIX? How many apps are written in languages/frameworks running from interpreters, and how many actually touch bare metal? Are app media that use Gallery permissions duplicating data or linking to it?
No one knows what an app is, the app development frameworks I learned 10 years ago are no longer relevant and have likely shifted to a whole new paradigm. If it looks perplexing to me, I can imagine it looks like magic to non-techies.
I think people fear it being an annoying default they can’t switch off, instead of the useful supplement it currently is.
This is a betrayal of Lord Immich’s good name and estate.
That pencil pusher might be the sole interface to billions of autogenerated CVs, wwyd?
That explains a lot hygiene-wise
(low shot, I’m sorry.)
The HR department might be shite, but the data team might be good.
I really want to know where this is from
Go to the doctor immediately. Forgetting the plot points of the initial story arc of any manga is a genuine sign of IBS, which as we know can cause enhanced toilet awareness.
I don’t get it. The one on the right is a dehumidifier, the one in the middle is a compact coffee grinder, and the one on the left is a toaster. What am I missing?
I remember when I was a kid and was waiting for the holidays to come. I couldn’t read a calendar and could barely tell the time, so I just went through this bored/depressive period every single day for what seemed like an eternity until suddenly the holidays came.
I knew it existed, just had no concept of time.