Tootfinder

Opt-in global Mastodon full text search. Join the index!

No exact results. Similar results found.
@paulbusch@mstdn.ca
2026-02-08 13:23:52

Good Morning #Canada
Here in beautiful Belle Ewart the temp is -22°C, feeling like -31°C with the wind. But it's a dry cold....
Out west they are struggling with double digit temperatures on the plus side. Edmonton's winter festival organizers are making snow, protecting ice blocks and praying for plunging temps to save their skating rink. The unseasonable weather has impacted events throughput Alberta. The Banff and Lake Louise ice carving festival, Art of Ice, had to take down sculptures because they weren't safe. They were similarly impacted last year. The World’s Longest Hockey Game (WLHG) got underway last Thursday and players are dealing with slushy conditions while golf driving ranges are packed with eager duffers.
I'd gladly make the sacrifice and swap weather conditions with our fellow Canucks out west. It would be a burden that I'd gladly carry.
#CanadaIsAwesome #Weather
youtu.be/W59Pi5S-Vic

@kexpmusicbot@mastodonapp.uk
2026-03-07 22:14:15

🇺🇦 #NowPlaying on KEXP's #VarietyMix
EELS:
🎵 Fresh Feeling
#EELS
thrashfuneralchapel.bandcamp.c
open.spotify.com/track/7iNjxpU

@adulau@infosec.exchange
2026-02-07 08:07:19

Following a great question from CERT.PL about GCVE KEV assertion format and especially about the confidence level for an evidence of a vulnerability assertion.
We made a first table of confidence level for the evidence in the KEV record format.
#kev #gcve

| Confidence | Label | Meaning (confidence in this evidence item) | Typical exploitation evidence examples | |-----------:|------------------|---------------------------------------------|----------------------------------------| | 0.0 | None | No usable evidence or placeholder only | Empty claim; unresolved rumor with no traceability | | 0.1 | Extremely low | U…
@mgorny@social.treehouse.systems
2026-03-19 12:23:26

Proper #security nightmare time.
#LMDB is a database that's designed to operate on trusted input. Upstream has historically rejected all bug reports regarding problems with malformed input.
Py-LMDB project provides #Python bindings to LMDB that are normally built against bundled LMDB. Someone recently started mass-filing "untrusted input" vulnerabilities against py-lmdb, and py-lmdb started #slop - coding fixes to their bundled LMDB. Of course, nobody even bothered reporting most of these bugs upstream, and the one that I've seen reported was rejected as "don't do that".
Py-LMDB supports building against system LMDB, and #Gentoo was doing that so far. However, now we are facing a problem: system LMDB operates under the assumption that it is working on trusted input, while py-lmdb (and its bundled LMDB) operates under the assumption that it may be working with untrusted input. The guarantees no longer align.
If we continue to use system LMDB (and skip all the added slop tests that literally cause Python to crash), then Gentoo's py-lmdb package will now have different input expectations than upstream py-lmdb. And of course we can't just remove that crap because someone added exactly one package (TorchVision, i.e. part of the plagiarism machine suite) depending on it.
bugs.gentoo.org/971352