Hi!
This bug has been reported a while ago and popped up again during some
conversation in our IRC channel today.
As the maintainer of libravatar.org, I wonder if I can help somehow to
solve this problem?
Please let me know if I can help in some way!
Kind regards,
Oliver
but that never happened. As an example of
> traffic, yesterday there were 21408 attempted executions of the script.
> If anyone wants to work on the script, the source code for it is here:
>
>
> https://salsa.debian.org/debbugs-team/debbugs/-/blob/master/cgi/libravatar.cgi
>
&g
On Thu, Apr 7, 2022 at 11:52 AM Paul Wise wrote:
> On Thu, 2022-04-07 at 11:01 +0200, Oliver Falk wrote:
>
> > I remember the CGI was disabled quite some time ago, but I have to
> > admit, I never had the chance to engage with the right people to see
> > how we can fix
On Fri, Apr 8, 2022 at 2:10 AM Paul Wise wrote:
> On Thu, 2022-04-07 at 12:39 +0200, Oliver Falk wrote:
>
> > IMHO, the current solution doesn't really provide more security.
>
> Its about not asking browsers to do third-party requests, which is the
> policy for
On Fri, Apr 8, 2022 at 6:27 AM Don Armstrong wrote:
> The basic code is working, but we were having performance issues which
> is why it was disabled on bugs.debian.org.
>
> I haven't had a chance to dig into exactly why it was failing, though
> now that everything is using md5sum of the e-mail a
Hi!
Yes, libravatar never had the option to query with the plaintext identity
for good reasons.
Again, if there is anything I can do, please let me know!
Oliver
On Sat, Apr 9, 2022 at 6:09 AM Don Armstrong wrote:
> On Fri, 08 Apr 2022, Oliver Falk wrote:
> > When I checked it yeste
6 matches
Mail list logo
