eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

226
active users

#apache

0 posts0 participants0 posts today

If you have just read #infosec news about “CISA warned about CVE-2024-38475” you can relax - what CISA did was they added this year old #Apache vulnerability to their watch list of vulnerabilities that being actively exploited:

https://www.cisa.gov/news-events/alerts/2025/05/01/cisa-adds-two-known-exploited-vulnerabilities-catalog

In spite of the confusing wording in third-party security news, this is not a new vulnerability:

Cybersecurity and Infrastructure Security Agency CISACISA Adds Two Known Exploited Vulnerabilities to Catalog | CISACISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
Continued thread

Here is an issue in the #NATS repo with a complaint and appeal to not change the license from #Apache 2.0 to #BUSL.

If you care about #FOSS and NATS and have a #github account, then interact with this issue. Give your 👍 thumbs-up or comment on the thread.

github.com/nats-io/nats-server

:boosts_appreciated: Boosts appreciated!

@cosmonic

GitHubIs NATS really being changed to a non-Free license? · Issue #6832 · nats-io/nats-serverBy jpluscplusm

Just found out that it is no longer possible to straightforwardly write HTTP/1 requests by hand on the #terminal.

Modern #Apache will reject #HTTP 1.x requests where the line endings are not CRLF, and as far as I know it's not possible on #Linux to type a CR using the keyboard. Ctrl+M should do it in theory, but when I try, it produces LF instead of CR for some reason.

Is there by any chance a way to make the Linux #console (or #KDE #Konsole) produce CRLF when I push the Enter key?

I use a Red Hat Enterprise Linux (RHEL) 9 system as a cloud based development workstation.

The system is running on Proxmox VE and is running Apache Guacamole (guacamole.apache.org) as a clientless HTML5 remote access gateway.

I can simply access the system from any HTML5 capable web-browser and have my desktop with all the tools, I need to do some work.

(Of course, for security reasons, this is behind a strong MFA authentication)

Continued thread

Protect Apache holy site from Resolution Copper

We demand #Congress use their powers to intervene and stop the destruction of #OakFlat. We demand Congress return the full rights and religious protections to the #Apache of Oak Flat in recognition of their religious freedom.
Why is this important?
My name is #WendslerNosie Sr. I'm the former chairman of the San Carlos Apache Tribe and a member of Apache-Stronghold.

1/5

I need some advise: Is there a good portable and free (really free, not GPL!) #implementation of #bcrypt in #C around?

There's #OpenBSD source I could use, but integrating that would probably be quite a hassle...

Background: I want to start creating a second credential checker for #swad using files. And it probably makes sense to support a sane subset of #Apache's #htpasswd format here. Looking at the docs:
httpd.apache.org/docs/current/
... the "sane subset" seems to be just bcrypt. *MAYBE* also this apache-specific flavor of "iterated" MD5, although that sounds a bit fishy ...

httpd.apache.orgPassword Formats - Apache HTTP Server Version 2.4