Free, Libre, and Open Source Software Leftovers
-
Thunderbird ☛ Thunderbird Monthly Development Digest: July 2024
Hello Thunderbird Community! As we say goodbye to the month of July, we look back at our major accomplishments and the release of a new ESR version.
-
[Repeat] Trail of Bits ☛ Our audit of Homebrew
We found issues within Homebrew that, while not critical, could allow an attacker to load executable code at unexpected points and undermine the integrity guarantees intended by Homebrew’s use of sandboxing. Similarly, we found issues in Homebrew’s CI/CD that could allow an attacker to surreptitiously modify binary (“bottle”) builds of formulae and potentially pivot from triggering CI/CD workflows to controlling the execution of CI/CD workflows and exfiltrating their secrets.
This audit was sponsored by the Open Tech Fund as part of their larger mission to secure critical pieces of internet infrastructure. You can read the full report in our publications repository.
-
Dan Q ☛ Tidying WordPress’s HTML
It’s an inconsequential difference for most purposes, but apparently it bugs him, so he fixed it… although he went on to observe that he hadn’t managed to successfully tackle all the instances in which WordPress was outputting redundant closing marks.
-
Web Browsers/Web Servers
-
Daniel Stenberg ☛ curl 8.9.1
Some annoying regressions triggered this.
-
The Servo Blog: This month in Servo: console logging, parallel tables, OpenXR, and more!
Servo has had several new features land in our nightly builds over the last month: [...]
-
-
Open Data
-
Ethan Zuckerman ☛ Road trip! Driving by data set
Me? I like to start a trip with a data set.
-