💾 Archived View for gemi.dev › gemini-mailing-list › 000891.gmi captured on 2023-11-04 at 13:10:58. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Versions of gmnisrv[0] which were built after commit ea360fa4c10791c3c720c33470c86923424348fe are vulnerable to a path traversal exploit, in which a specially crafted Gemini request can be used to read any file on the host's filesystem. [0]: https://git.sr.ht/~sircmpwn/gmnisrv This issue was fixed in commit 0dc0e4432a70eafde69509fde8a29802e46ae712.
---
Previous Thread: [users] New Gemlog from someone from the audiogames forum