commit -m "better"

https://www.phoronix.com/news/OpenWrt-Compromised-ASU-Builds

2 уязвимости в проекте openwrt.

Вторая так прямо очень красивая:

"2. Truncated SHA-256 Hash Collisions: The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious image can be served in place of a legitimate one, allowing the attacker to "poison" the artifact cache and deliver compromised images to unsuspecting users"

Phoronix

OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts

A security issue was reported to the OpenWrt project this week around their Attendedsysupgrade Server (ASU) instances that could have led to compromised firmware images being served.

www.tgoop.com/itpgchannel/2477

1.8K viewsDec 8 at 20:57

https://www.phoronix.com/news/OpenWrt-Compromised-ASU-Builds

2 уязвимости в проекте openwrt.

Вторая так прямо очень красивая:

"2. Truncated SHA-256 Hash Collisions: The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious image can be served in place of a legitimate one, allowing the attacker to "poison" the artifact cache and deliver compromised images to unsuspecting users"

BY commit -m "better"