• corsicanguppy@lemmy.ca
      7 days ago

      The server was reportedly running 2.4.57 and the CVE was fixed in 2.4.60, so it’s definitely present in the software.

      Overall, I don’t get your point about stable releases and backports.

      Clearly. Hint: it’s what Enterprise Linux has done for 20 years.

    • Eager Eagle@lemmy.world
      7 days ago

      Distros may not update software versions when backporting some things, meaning they add a suffix they control to the version e.g. 2.4.57-ubuntu1.2 whatever, but the version reported by the software itself might still be 2.4.57.

      It depends on the release process. I was also confused once, asking myself why the repo was reporting a CVE as fixed when it still showed the old version.
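
Added example, not part of the thread or of any distro's tooling: a sketch of why a check on the self-reported version (2.4.57 against the upstream fix in 2.4.60) flags a backported package, while a check on the full package version against the distro's fixed revision does not. It assumes dpkg-style version ordering; `DISTRO_FIXED` and the sample package versions are constructed placeholders, not real advisory data.

```python
import re
from itertools import zip_longest

UPSTREAM_FIXED = "2.4.60"          # upstream fix version quoted in the thread
DISTRO_FIXED = "2.4.57-ubuntu1.1"  # constructed placeholder, not real advisory data

def _order(c):
    # dpkg ordering of non-digit characters: end of string is 0, '~' sorts
    # before it, letters sort before other punctuation.
    if not c:
        return 0
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # Compare alternating (non-digit, digit) runs the way dpkg does.
    runs_a = re.findall(r"(\D*)(\d*)", a)
    runs_b = re.findall(r"(\D*)(\d*)", b)
    for (na, da), (nb, db) in zip_longest(runs_a, runs_b, fillvalue=("", "")):
        for ca, cb in zip_longest(na, nb, fillvalue=""):
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
        x, y = int(da or 0), int(db or 0)
        if x != y:
            return -1 if x < y else 1
    return 0

def _split(version):
    # [epoch:]upstream[-revision]; a missing revision compares like "0".
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, revision = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    return (ea > eb) - (ea < eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)

def flagged_by_banner(reported):
    # Naive check: only the version the software reports about itself.
    return compare_versions(reported, UPSTREAM_FIXED) < 0

def flagged_by_package(installed):
    # Package check: full distro version against the distro's fixed revision.
    return compare_versions(installed, DISTRO_FIXED) < 0

if __name__ == "__main__":
    for pkg in ("2.4.57-ubuntu1.0", "2.4.57-ubuntu1.2"):  # constructed samples
        banner = _split(pkg)[1]
        print(pkg, "banner:", flagged_by_banner(banner), "package:", flagged_by_package(pkg))
```

Both sample packages report 2.4.57 and are flagged by the banner check; only the one below the fixed revision is flagged by the package check.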