Security updates for Friday
Security updates have been issued by Debian (redis and valkey), Fedora (docker-buildkit, ibus-bamboo, pgadmin4, webkitgtk, and wordpress), Mageia (kernel-linus, kmod-virtualbox & kmod-xtables-addons, and microcode), Oracle (compat-libtiff3 and udisks2), Red Hat (rsync), Slackware (python3), SUSE (chromium, cJSON, digger-cli, glow, go1.24, go1.25, go1.25-openssl, grafana, libexslt0, libruby3_4-3_4, pgadmin4, python311-python-socketio, and squid), and Ubuntu (dpdk, libhtp, v … ⌘ Read more
Para quem não está por dentro do tema, este antiguinho artigo (e links nele) da @paulasimoes continua a ser uma boa referência:
$4,500 Bounty: SQL Injection in WordPress Plugin Leads to PII Exposure at Grab
How a Plugin Preview Feature Exposed User Data and Nearly Enabled Admin Dashboard Pivoting
[Continue reading on Info … ⌘ Read more
Stonean spaces, projective objects, the Riesz representation theorem, and (possibly) condensed mathematics
Comments ⌘ Read more
Wordpress Adds Watermarks to Internal Webpages in Hunt for Whistleblowers
Wordpress company (Automattic) really doesn’t trust their employees. ⌘ Read more
↳
In-reply-to
»
What does the #twtxt community think about having a p2p database to store all history? This will be managed by Registries.
⤋ Read More
pls elaborate on a ‘p2p database’, ‘all story’ and ‘Registries’.
My first thought takes me to something like secure-scuttlebutt which it’s painful to sync data using clients, and too slow compared to downloading a text file.
Also I’d like for twtxt to avoid becoming an ActivityPub. Works well but it’s uses too many resources IMO.
https://kingant.net/2025/02/mastodon-the-cost-of-running-my-own-server/
I’m defending being able to self-host your Web client (like you’d do with a Wordpress, twtxt is a micrologging, at the end), instead of federated instances, so in a first thought I’d say Registries have many disadvantages being the first one that someone has to maintain them active.
Wordpress Contributors Must Now Agree That “Pineapple is Delicious on Pizza’
The Wordpress v. WP Engine legal battle just took a detour into… food. ⌘ Read more
[ANN] The MAGIC Monero Fund got an application: ‘Build a plugin for embedding dApps into Wordpress websites’
Link: https://github.com/MAGICGrants/Monero-Fund/issues/38
@rucknium:monero.social ⌘ Read more
Dockerize WordPress: Simplify Your Site’s Setup and Deployment
Learn how to Dockerize WordPress by following steps to create Dockerfiles, containerize existing WordPress instances, and set up Traefik for automatic TLS certificates. ⌘ Read more
BenraouaneSoufiane submits CCS proposal to ‘extend’ CryptoCheckout project
BenraouaneSoufiane1 has submitted their first CCS proposal2 looking to extend the CryptoCheckout 3 project by creating a WordPress plugin for WooCommerce merchants and a Shopify payment app:
The target audiance is any person has XMR address/wallet, it could be as a merchant has online business want to accept XMR, or naturel user want to pay using his XMR balance.
” … ⌘ Read more
[LTH] [0.15 XMR] Convert isometric token image from Wordpress to Monero icon
A new privacy focused hosting platform which only accepts Monero as a currency needs a conversion of this isometric logo of Wordpress, to be exactly the same however, using Monero color scheme and icon: https://file.io/clebBxqHX9UV
Link: https://bounties.monero.social/posts/160/
n/a ⌘ Read more
Memos
With the current drama around WordPress and Automattic, I was searching for alternatives to Simplenote, the app I am currently using to save my notes and keep them synced. ⌘ Read more
Depois de ir acompanhando a novela WordPress, sinto-me numa minoria por concordar com os motivos e métodos do Matt Mullenweg para lidar com o wp engine, mas não tenho gás para me meter em flame wars sobre o assunto
Matt Mullenweg is an asshole. That’s all; that’s the message.
Isode: Harrier 4.0 – New Capabilities
Harrier is our Military Messaging client. It provides a modern, secure web UI that supports SMTP, STANAG 4406 and ACP 127. Harrier allows authorised users to access role-based mailboxes and respond as a role within an organisation rather than as an individual.
You can find out more about Harrier here.
** … ⌘ Read moreHow to Remove “Promote with Blaze” from WordPress
WordPress is fantastic blogging software and an excellent content management system that is prolific on the web (and used by us for this site!), and Jetpack is a great set of tools offered by Automattic to further improve the WordPress experience. But the latest versions of Jetpack default to placing a “Promote with Blaze” option … Read More ⌘ Read more
Isode: Cobalt 1.5 – New Capabilities
OverviewThis release adds new functionality and features to Cobalt, our web based role and user provisioning tool. You can find out more about Cobalt here.
Multiple Cobalt ServersThis enhancement enables multiple Cobalt servers to be run against a single directory. There are two reasons for this.
- In a distributed … ⌘ Read more
↳
In-reply-to
»
@eaplme
Yarn could the twtxt I want more then regular twtxt. Though I do like not having to host a yarn pod.
⤋ Read More
Didn’t know of bytesypider and bytedance, I assume those are bots, although I no idea why they are pointing to that address to your site
https://wordpress.org/support/topic/psa-bytedance-and-bytespider-bots-recommend-blocking/
You gave me a good idea to block bytespider. Its just weird what it pulls in.twtxt-php isn’t sending User-Agent headers as it’s in the original spec:
https://twtxt.readthedocs.io/en/latest/user/discoverability.html
sending user agent would be a nice thing to have so that people using regular twtxt clients can find you and anyone else hosting twtxt-php or timeline
HTTP logs are annoying but webmention has an issue that it needs a server to check for webmentions. The server can be an external one or hosted on the same server as far as I can find.
But also HTTP logs need a server that one can view the logs.
Isode: Red/Black – 2.1 New Capabilities
OverviewThis release adds important new functionality and adds further device drivers to Red/Black, a management tool that allows you to monitor and control devices and servers across a network, with a particular focus on HF Radio Systems. A general summary is given in the white paper Red/Black Overview.
 access and configuration including bootstrap with self signed certificate and ide … ⌘ Read more
Isode: Cobalt 1.4 – New Capabilities
Cobalt proides a web interface for provisioning users and roles in an LDAP directory. It enables the easy deployment of XMPP, Email and Military Messaging systems.
Listed below are the changes brought in with 1.4.
HSM SupportCobalt is Isode’s tool for managing PKCS#11 Hardware Security Modules (HSM) which may be used to provide improved server security by protecti … ⌘ Read more
Isode: Icon-Topo 2.0 – New Capabilities
Icon-Topo supports Mobile Unit (MU) mobility between HF Networks, enabling application communications over a wider area than can be achieved with a single ground station. It provides a way to schedule the movement from one HF network to another, ensuring that as an MU goes about its deployment the communications network is kept up and running.
The below … ⌘ Read more
Isode: M-Guard 1.5 – New Capabilities
M-Guard is an XML guard that is used at a network boundary to control traffic. An M-Guard instance is an application level data diode, with traffic flowing in one direction only. Commonly, M-Guard instances will be deployed in pairs, one controlling flow in each direction. The following is a list of the new capabilties introduced in version 1.5.
Isode: Harrier 3.3 – New Capabilities
Harrier is our Military Messaging client. It provides a modern, secure web UI that supports SMTP, STANAG 4406 and ACP 127. Harrier allows authorised users to access role-based mailboxes and respond as a role within an organisation rather than as an individual.
 e a transposição da Directiva de Direito de Autor proposta por @cultura_pt @padaoesilva @padaoesilva https://paulasimoesblog.wordpress.com/2023/04/20/artigo-17o-ex-artigo-13o-e-a-transposicao-da-directiva-de-direito-de-autor-proposta-por-cultura_pt-padaoesilva-govpt/
Artigo 17º (ex-artigo 13º) e a transposição da Directiva de Direito de Autor proposta por @cultura_pt [@padaoesilva](https://nitter.net/padaoesilva “pedro a … ⌘ Read more
RT by @mind_booster: The Mousetrap 70th Anniversary Edition #Books #AgathaChristie https://paulasimoesblog.wordpress.com/2023/04/18/the-mousetrap-70th-anniversary-edition-books-agathachristie/
The Mousetrap 70th Anniversary Edition #Books #AgathaChristie paulasimoesblog.wordpress.co…
 to support mand … ⌘ Read more
RT by @mind_booster: Número 3 da #Colecção Vampiro O Caso das Garras de Veludo #Livros https://paulasimoesblog.wordpress.com/2023/02/08/numero-3-da-coleccao-vampiro-o-caso-das-garras-de-veludo-livros/
Número 3 da #Colecção Vampiro O Caso das Garras de Veludo #Livros paulasimoesblog.wordpress.co…
 ⌘ Read more
WordPress implemented SQLite support! 😱 (Not merged into Core yet, but you’re able to test it.) ⌘ Read more
RT by @mind_booster: #AgathaChristie birthday anniversary https://paulasimoesblog.wordpress.com/2022/09/15/agathachristie-birthday-anniversary/
#AgathaChristie birthday anniversary paulasimoesblog.wordpress.co…
RT by @mind_booster: Tales from Moominvalley by Tove Jansson https://paulasimoesblog.wordpress.com/2022/09/14/tales-from-moominvalley-by-tove-jansson/
Tales from Moominvalley by Tove Jansson paulasimoesblog.wordpress.co…
I started working on plugins for GoBlog using a Go module I recently discovered: yaegi. It still feels like magic, because Go is typically a compiled language and yaegi makes it dynamic by embedding an interpreter. Is this overkill for GoBlog or does this possibly enable flexibility like WordPress plugins? ⌘ Read more
RT by @mind_booster: Associação @Communia_EU atualiza recomendações para a próxima década #PublicDomain #Copyright https://paulasimoesblog.wordpress.com/2022/06/03/associacao-communia_eu-atualiza-recomendacoes-para-a-proxima-decada-publicdomain-copyright/
Associação @Communia_EU atualiza recomendações para a próxima década #PublicDomain #Copyright [paulasimoesblog.wordpress … ⌘ Read more
RT by @mind_booster: This book can be your next (perfect?) TBR: The Story of Classic Crime in 100 (102?) Books by Martin Edwards ⭐⭐⭐⭐⭐ @medwardsbooks @poisonedpen @BL_Publishing #BookReview #Booktwt https://paulasimoesblog.wordpress.com/2021/07/05/this-book-can-be-your-next-perfect-tbr-the-story-of-classic-crime-in-100-102-books-by-martin-edwards-%e2%ad%90%e2%ad%90%e2%ad%90%e2%ad%90%e2%ad%90-medwardsbooks-poisonedpen-bl_publishing-bo/
This book can be your next (perfect?) TBR: The Story of Classic Crime in 1 … ⌘ Read more
**RT by @mind_booster: Notas da Semana 16/05/2022
Metadados (ainda)
Pressão da CE sobre os Estados-Membros na transposição da directiva do copyright
Relatório da IFLA
Livros & Reviews
https://paulasimoesblog.wordpress.com/2022/05/20/notas-da-semana-16-05-2022/**
Notas da Semana 16/05/2022
Metadados (ainda)
Pressão da CE sobre os Estados-Membros na transposição da directiva do copyright
Relatório da IFLA
Livros & Reviews
[paulasimoesblog.wordpress.co…](https://paulasimoesblog.wordpress.com/2022/05/20/notas … ⌘ Read more
RT by @mind_booster: Notas da Semana 09/05/2022 https://paulasimoesblog.wordpress.com/2022/05/13/notas-da-semana-09-05-2022/
Notas da Semana 09/05/2022 paulasimoesblog.wordpress.co…
RT by @mind_booster: UK is over the edge: http://archive.org blocked at the telecom level https://virtuallyfun.com/wordpress/2022/05/06/uk-is-over-the-edge-archive-org-blocked-at-the-telecom-level/
UK is over the edge: archive.org blocked at the telecom level virtuallyfun.com/wordpress/2… ⌘ Read more
RT by @mind_booster: Salvaguardas dos direitos dos cidadãos salvam artigo 17 (ex artigo 13) no Tribunal de Justiça da União Europeia. Estados-Membros obrigados a transpor salvaguardas. https://paulasimoesblog.wordpress.com/2022/04/26/salvaguardas-dos-direitos-dos-cidadaos-salvam-artigo-17-ex-artigo-13-no-tribunal-de-justica-da-uniao-europeia-estados-membros-obrigados-a-transpor-salvaguardas/
Salvaguardas dos direitos dos cidadãos salvam artigo 17 (ex artigo 13) no Tribunal de Justiça da União Europeia. Estad … ⌘ Read more
CloudFest Hackathon: WordPress and the IndieWeb ?~L~X https://notiz.blog/b/63b
What a good feeling when the hours you have invested in optimizing and testing actually bear fruit. In other words, my blog now uses less than 100 MB of memory, even though I have quite a few features enabled. My diary for example needs less than 20 MB. And if you compare that with WordPress, where the database alone needs more than 300 MB… 😄 ⌘ Read more
Secure Docker Compose stacks with CrowdSec - The open-source & collaborative IPS
Testing this at the moment, quite happy with the results for one of my VPS running Funkwhale that came from a mix of Wordpress / Ampache, wordpress was being heavily probed for vulnerabilities, login attemps etc .. ⌘ Read more
Isode: Successfully Managing HF Radio Networks
With the potential for new technologies to cause interference to traditional communications networks and even space itself at the risk of becoming weaponised, it is important to make sure that you always have a backup plan for your communications ready and waiting.
Should the worst happen and your primary network, typically SatCom, go down you need to ensure that you can still communicate with your forces wherever they are, and that c … ⌘ Read more
Article on designing 21st century instruments for teaching music theory (aka ditch the piano): [[https://historyofmusictheory.wordpress.com/2021/11/01/should-we-burn-the-pianos-introducing-a-collaborative-project-focused-on-building-new-instruments-for-theory/]] #links
I am using Nitter, an alternative interface for Twitter, just in case I want to read a thread on Twitter. Previously I hosted the instance directly on my VPS. Now, however, I host the Nitter instance at home, but make it available on the Internet through Tailscale, a little program I wrote called “ProxyExposer”, and Caddy. 🤓 I also briefly tried publishing a WordPress instance from home to the web this way. But I don’t have a use case for WordPress at the moment. ⌘ Read more
@movq@www.uninformativ.de I remember that time. I built my own mess, then used someone else’s mess (WordPress). I then switched to Jekyll when Tom released it, then to Hugo, which I use today. I also love static web stuff!
Isode: Draft, Review & Release ⌘ Read more…
Isode: HF for more than just messaging ⌘ Read more…
Isode: Isode Military Capabilities at DSEI 2021 ⌘ Read more…
Isode: The Isode pre-sales team has expanded ⌘ Read more…
Isode: Taking a Stand at DSEI 2021 ⌘ Read more…
@prologic “we should fight for IRC more” another slack “Definition: Slack. The absence of binding constraints on behavior.” https://thezvi.wordpress.com/2017/09/30/slack/
ActivityPub für WordPress ?~L~X https://notiz.blog/b/593
why are people STILL using wordpress? what year is this? also don’t they know it makes puppies cry?
I wish I could do this with @withKnown - A New Way to Publish Your Blog Posts Simultaneously as Twitter Threads ⌘ https://wordpress.com/blog/2020/10/13/a-new-way-to-publish-your-blog-posts-simultaneously-as-twitter-threads/
Exploring Full-Site Editing With the Q WordPress Theme – WordPress Tavern ⌘ https://wptavern.com/exploring-full-site-editing-with-the-q-wordpress-theme
Twentig – Twenty Twenty Customization, Gutenberg Blocks & Templates – WordPress plugin ⌘ https://wordpress.org/plugins/twentig/
PhotoPress – WordPress plugin | WordPress.org ⌘ https://wordpress.org/plugins/photopress/
Google Web Stories WordPress Plugin Officially Released ⌘ https://www.searchenginejournal.com/google-web-stories-wordpress-plugin-officially-released/381790/amp/
WP Meetup Stuttgart – IndieWeb und WordPress ?~L~X https://notiz.blog/a/5ej
Deploying WordPress to the Cloud ⌘ https://www.docker.com/blog/deploying-wordpress-to-the-cloud/