Interesting how #CVE are leveraged as resume items, putting #programmers #developers & project leads under pressure by #bogus CVE reports or unnecessarily high CVE ratings.
Popular and obscure programs are affected in the #OpenSource #POSIX world, e.g. #Linux #freeBSD #netBSD #openBSD
#Curl by #Daniel #Stenberg, #IP by #Fedor #Indutny & #nodeIP are popular programs hit by this #phenomena, which can lead to unwarranted #panic in the users space
@RadioAzureus "IP addresses supplied to it in a non-standard format" Note that, unlike IPv6, IPv4 has no "standard format". (People who deny this are requested to mention the RFC where it is standardized, along with the section number.)
@bortzmeyer @RadioAzureus this is the part where we argue the standard format is e.g. 2130706433 right?
@RadioAzureus Whiskey Tango Foxtrot?!
@RadioAzureus Not that it takes away from the problem of bogus CVEs, but if one uses regular expressions to check IP address ranges, they're very much asking for problems. Just saying.
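
The two technical points in the replies above (IPv4 text has several accepted spellings, and string patterns are a poor way to test address ranges), as an added example that is not code from any participant in the thread or from the curl or node-ip projects. It parses the `inet_aton`-style forms into one 32-bit number and does the range check numerically; all function names are hypothetical, the sample inputs are constructed, and the range list is a small subset chosen for illustration.

```javascript
// Added example (hypothetical names): normalise IPv4 text, then compare numbers.

// One component: 0x-prefixed hex, 0-prefixed octal, or plain decimal.
function parsePart(s) {
  if (/^0x[0-9a-f]+$/i.test(s)) return parseInt(s, 16);
  if (/^0[0-7]*$/.test(s)) return parseInt(s, 8);
  if (/^[1-9][0-9]*$/.test(s)) return parseInt(s, 10);
  return NaN;
}

// Returns the address as an unsigned 32-bit number, or null if not parseable.
function parseIPv4(text) {
  const parts = text.split(".");
  if (parts.length > 4) return null;
  const nums = parts.map(parsePart);
  if (nums.some(Number.isNaN)) return null;
  const last = nums.pop();
  // Leading parts are one byte each; the last part fills the remaining bytes.
  const tailSize = 2 ** (8 * (4 - nums.length));
  if (nums.some((n) => n > 255) || last >= tailSize) return null;
  let head = 0;
  for (const n of nums) head = head * 256 + n;
  return head * tailSize + last;
}

// Illustrative subset of non-public ranges, as [base, prefix length].
const NON_PUBLIC = [["127.0.0.0", 8], ["10.0.0.0", 8],
                    ["172.16.0.0", 12], ["192.168.0.0", 16]];

// true/false for parseable input, null when the caller should reject it.
function isNonPublic(text) {
  const value = parseIPv4(text);
  if (value === null) return null;
  return NON_PUBLIC.some(([base, len]) => {
    const start = parseIPv4(base);
    return value >= start && value < start + 2 ** (32 - len);
  });
}

// A string-pattern check of the kind the last reply warns about.
const loopbackPattern = /^127\./;

// Constructed sample inputs: four spellings of one address, one public address.
const samples = ["127.0.0.1", "2130706433", "0x7f.1", "0177.0.0.1", "8.8.8.8"];
for (const s of samples) {
  console.log(s, "pattern:", loopbackPattern.test(s), "numeric:", isNonPublic(s));
}
```

Input that does not parse returns `null` so the caller can reject it outright instead of treating it as public.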