@chpietsch@fedifreu.deTelnet is a remote login protocol that became obsolete in 1995 when SSH became available because SSH offers transport encryption while telnet does not.
Those who kept a telnetd running for whatever reason (and did not hide it behind a firewall) have had a root backdoor for the last ten years.
The telnetd server invokes /usr/bin/login (normally running as root) passing the value of the USE…
@heiseonline@social.heise.de
@adulau@infosec.exchangeReminder: under GPL/AGPL, “Corresponding Source” includes everything needed to build and modify the work. That means AI prompts, generated scripts, and config files as well. Don’t leave them out.
"The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities."
@jdrm@social.linux.pizzaMastodon días. Para el turno de mañana (de muy por la mañana), ayer me dio por poner por escrito unas notas para usar Autofirma en GNU/Linux.
https://jdrm.info/configurando-la-firma-digital-en-gnulinux.html
También en
@comex@mas.toGNU Parallel is such a nice program. It has a bunch of features that, sure, you could cobble together with a program or shell script, but that with Parallel are just a flag away.
Like, “read 1MB chunks from stdin, adjust chunk boundaries so they always start with a specified delimiter, then run N copies of this command where each copy gets a subset of chunks on stdin”.
It’s just --pipe --round-robin --recstart 'some delimiter'.
Last night I used this to search a Li…
@ruari@velocipederider.comEver wondered about the inode trunctation in #cpio formats and what that might mean for the integrity of your archives on modern systems?
No? No, I didn't think so because that is nerdy as fuck!!! 🤓
Nonetheless, I typed this up. No need to… umm… thank me. 🤪
@fanf@mendeddrum.orgfrom my link log —
GNU Recutils: a database management system using human-readable text files.
https://labs.tomasino.org/gnu-recutils/
saved 2020-01-26 https://
@publicvoit@graz.social#GNUTaler mit Echtgeld ausprobiert - Teil 4: Fazit
https://gnulinux.ch/gnu-taler-mit-echtgeld-ausprobiert-teil-4
Spannende Option für wirklich freien digitalen
@cyrevolt@mastodon.socialToday's wtf: I was getting errors when wrapping my npm command in a Makefile:
```
make: npm: Permission denied
```
Why? Just running it directly works. The heck?!
Okay, strace time...
```
newfstatat(AT_FDCWD, "/home/dama/bin/npm", {st_mode=S_IFDIR|0775, st_size=4096, ...}, 0) = 0
```
Huh... that is a directory.
So it's one of those Unixy fuckeries!
Why does (GNU) make even do this?!
So I set `NPM ?= /usr/bin/n…
@heiseonline@social.heise.deEinige der zuletzt hier besonders häufig geteilten #News:
GNU Taler auf dem 39C3: Wie das quelloffene Bargeld den Praxistest besteht
@whitequark@mastodon.socialthis response does address the request, technically speaking https://mastodon.social/@gnu_ebooks/115357348177151270
@piger@mastodon.socialahh, the good old times before ssh and its smug encryption
https://www.openwall.com/lists/oss-security/2026/01/20/2
@ruario@vivaldi.net@… As a format (the pax or latter GNU variant) are better than the last major cpio format, newc. However, if you like the syntax of cpio, then bsdcpio (libarchive) allows you to output in pax format, giving you the best of both worlds.
@offenenetze@chaos.socialGNU Taler auf dem 39C3: Wie das quelloffene Bargeld den Praxistest besteht | heise online
https://heise.de/-11126356
@alejandrobdn@social.linux.pizzaI had a single "YouTube" category in the feeds classified in Freshrss. I decided to separate the channels related to GNU/Linux and Selfhosting from the rest. 84% are in the first category.
It's not a thirst for knowledge, it's an addiction... It's just that I know so little...
@adulau@infosec.exchangeGNU InetUtils Security Advisory: remote authentication by-pass in telnetd
🔗 #telnet
@egallager@social.treehouse.systemsGovernments should use FOSS whenever possible, and that should extend to fonts as well: https://www.gnu.org/software/freefont/articles/Why_Free_Fonts.html
@janneke@todon.nl @heiseonline@social.heise.deZum Abend noch einige der heute besonders häufig geteilten #News:
39C3: Wie das quelloffene Bargeld GNU Taler den Praxistest besteht
@mgorny@social.treehouse.systems0 days since it turned out that GNU #make does not respect the #jobserver protocol it designed itself in yet another way. Or to put it otherwise, I've wasted my whole morning implemented something that cannot work because it didn't occur to me that GNU make people only set rules without caring to actually follow them.
#Gentoo #Linux
@simon_brooke@mastodon.scotShould
(= 3/4 0.75)
return true (or 't)? You'd think so.
#SBCL 2.5.2 does think so.
MIT/GNU Scheme also thinks so.
#Interlisp Medley agrees.
I think this is correct behaviour.
#Clojure
@penguin42@mastodon.org.ukGnucash is a nice simple Gtk/GUI accountancy program; I've used it to keep track of my spending, income, credit cards etc for well over a decade; it does simple double-entry stuff and also has some more advanced stuff for generating reports and small businesses.
https://www.gnucash.org/
@keithp@fosstodon.orgSupport for using picolibc as the primary C library with GCC landed today. Thanks much to Jeffrey Law and Andrew Pinski for their help improving the changes and getting them merged. https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;a=commit;h=72274d0a421…
@jdrm@social.linux.pizzaPasen y lean unas notas sobre el uso y configuración en Linux de #autofirma #fnmt
https://jdrm.info/conf…
@haayman@todon.nlIk heb onlangs linux mint op een oude macbook air geïnstalleerd, maar nu is er een kernel update en krijg ik deze foutmelding bij het installeren. Zijn er meer mensen die dit hebben gezien? En heb je een oplossing gevonden?
```
warning: the compiler differs from the one used to build the kernel
The kernel was built by: x86_64-linux-gnu-gcc-13 (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0
You are using: gcc-13 (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0
CFG80211 API …
@jtk@infosec.exchangeThe end-to-end (e2) argument is about where to put functionality in a layered system. It generally argues for functions to be moved out and up, but it does not say you cannot have functionality at lower layers or in the middle. The paper states "A great deal of information about system implementation is needed to make this choice intelligently."
Seen in a discussion about the recent GNU inetutils telnetd vulnerability, someone incorrectly states:
"End to end prin…
@michabbb@social.vivaldi.net
@thomasfuchs@hachyderm.ioRE: https://chaos.social/@karolherbst/115635491492141491
Wait I thought it's GNU/Linux, not MAGA/Linux
@fortune@social.linux.pizzaOnce upon a time there was a DOS user who saw Unix, and saw that it was
good. After typing cp on his DOS machine at home, he downloaded GNU's
unix tools ported to DOS and installed them. He rm'd, cp'd, and mv'd
happily for many days, and upon finding elvis, he vi'd and was happy. After
a long day at work (on a Unix box) he came home, started editing a file,
and couldn't figure out why he couldn't suspend vi (w/ ctrl-z) to do
a comp…
@teledyn@mstdn.caRE: https://mstdn.ca/@thetyee/116009132713347082
If it is any consolation, the GNU Manifesto c1984 warned of this same danger as software became increasingly proprietary. As the proprietaries compete for the best prestige with the best wages and best ROI, their prices inevitably rise, and the best talent is drained from the competing community pool.
On the plus side, community software was here before the likes of Bill Gates, and will still be here long after they're gone.
@mgorny@social.treehouse.systemsI feel like desktop GNU/Linux nowadays (especially around #GNOME) is a lot like: "Do you recall this thing #Android does that you really hate? Good news, everyone, we just copied it to our application, and you can't switch back!"
#FreeSoftware
@ruari@velocipederider.comEver run some random ass installer on Linux (or make install) and wondered where all the files ended up? I gotcha
https://gist.github.com/ruario/a59036672d412ce38b34ace44273ede2
@Nael@pachyder.me@… @… @…
Every time I see GNU , beeing french , it makes me see a Gnou, the animal (wi…
@midtsveen@social.linux.pizzaRE: #Debian
@neverpanic@chaos.socialAchievement unlocked: Being mentioned in an article on @…: https://lwn.net/SubscriberLink/1055053/05d1716074bbbbe3/
That means I've made it in the o…
@theodric@social.linux.pizzaHappy GNU/year
@ruario@vivaldi.net@… By chance, just last week I started to try and create a list of all the different ways you could make a make a gzip compressed tarball with GNU tar but after about 1.5k variations of possible commands (and I still had not captured them all), I gave up.
P. S. True story by the way! 🤪
@whitequark@mastodon.socialanother case of AGPLv3 being used extractively! https://github.com/minio/minio/commit/27742d469462e1561c776f88ca7a1f26816d69e2
@alejandrobdn@social.linux.pizzaA good time to remember this gem from XKCD, representative of all the descents into the rabbit hole of those who one day asked themselves, "What the hell is Linux?".
#linux
@ruario@vivaldi.net@… Ok, so I went off on a tangent for no reason. I hope it really was vaguely interesting and you were not just being polite. 😜
Yes, in summary you confused GNU tar and since it cannot make zip files, it did it's best fallback (just made an uncompressed tar). Then in turn the .zip extension confused Windows.
So it was, your fault! Sor…
@Nael@pachyder.me@… @… @… @MLE_online
^^
« How to tell I know nothing about GNU without telling you I know nothi…
@michabbb@social.vivaldi.net✅ Immediate action required: Update to GNU Inetutils 2.8 or migrate to #SSH for secure remote access
https://nvd.nist.gov/vuln/detail/CVE-2026-24061
@ruari@velocipederider.comPeople say tar is hard but off the top of my head here are 298 ways to make a gzip compressed tar archive of a directory and its contents with GNU tar.
https://gist.github.com/ruario/ac0c6a15369853df2c698aa6fe595135
There are more but I got bored. 😜
P…
@keithp@fosstodon.orgNew embedded toolchain bits for Debian today for aarch64-none-elf, arm-none-eabi and riscv64-unknown-elf.
binutils-embedded builds version 2.45.90.20260125.
gcc-arm-none-eabi uses Arm GNU Toolchain version 15.2.rel1 (2025-12-17). For arm and aarch64.
gcc-riscv64-unknown-elf is based off GCC 15.2. For 32- and 64-bit Risc-V.
picolibc 1.8.11. Now the only C library.
libstdc -arm-none-eabi and libstdc -riscv64-unknown-elf.
They're all in NEW, but should …
@mgorny@social.treehouse.systemsWorked on some more #Gentoo global #jobserver goodies today.
Firstly, Portage jobserver support patch: #PyTest jobs will also be counted towards total job count.
Again, it's not a perfect solution, but it works reasonably. The plugin still starts -n jobs as specified by the arguments, but it acquired job tokens prior to executing every test, therefore delaying actual testing until tokens are available. It doesn't seem to cause noticeable overhead either.
@michabbb@social.vivaldi.net🎯 Nearly 800,000 #Telnet servers potentially affected worldwide running vulnerable GNU inet utils implementations
📅 Bug existed since 2015 code changes, finally patched January 20, 2026 in version 2.8
🔧 The flaw stems from missing input sanitization: USER environment variable from network is passed unsanitized to login command, allowing flag injection
@publicvoit@graz.social
@midtsveen@social.linux.pizzaWhere i post from!
#DebianTrixie #Debian13 #Debian #Linux
