If you are wondering where the data of this site comes from, please visit https://api.github.com/users/bufferoverflow/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Roger Meier bufferoverflow Siemens Greifensee, Zürich, Switzerland

bufferoverflow/doap 1

RDF schema for describing software projects

bufferoverflow/embb 1

Embedded Multicore Building Blocks (EMB²)

betterbibleproject/bible 0

the better bible project: contribute to a new and better bible!

bufferoverflow/123done 0

An example application that demonstrates the use of Persona

bufferoverflow/2048 0

A small clone of 1024 (https://play.google.com/store/apps/details?id=com.veewo.a1024)

bufferoverflow/ansible-collection-hardening 0

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

bufferoverflow/ascoltatori 0

The pub/sub library for node backed by Redis, MongoDB, AMQP (RabbitMQ), ZeroMQ, MQTT (Mosquitto) or just plain node!

issue comment omniauth/omniauth-saml

Support for multiple :idp_cert_fingerprint

MRs are welcome :smile:

bbodenmiller

comment created time in 2 days

push event bufferoverflow/verdaccio-gitlab

dependabot[bot]

commit sha b178dacfa05c980cda13e35828e27e3e77d18d3b

chore(deps): bump ws from 5.2.2 to 5.2.3

Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Roger Meier

commit sha a790b0bc8c06f08d30ce4c0d6a2c0332e65754e6

Merge pull request #136 from bufferoverflow/dependabot/npm_and_yarn/ws-5.2.3

chore(deps): bump ws from 5.2.2 to 5.2.3

push time in 3 days

PR merged bufferoverflow/verdaccio-gitlab

chore(deps): bump ws from 5.2.2 to 5.2.3 dependencies

Bumps ws from 5.2.2 to 5.2.3.

Release notes (sourced from ws's releases, https://github.com/websockets/ws/releases):

5.2.3

Bug fixes

  • Backported 00c425ec to the 5.x release line (76d47c14).

Commits

  • 6dd88e7 [dist] 5.2.3 (https://github.com/websockets/ws/commit/6dd88e7e968ef2416445d8f8620c17d99b15c77c)
  • 76d47c1 [security] Fix ReDoS vulnerability (https://github.com/websockets/ws/commit/76d47c1479002022a3e4357b3c9f0e23a68d4cd2)
  • See full diff in compare view (https://github.com/websockets/ws/compare/5.2.2...5.2.3)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

+3 -3

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 days

pull request comment bufferoverflow/verdaccio-gitlab

chore(deps-dev): bump lodash from 4.17.15 to 4.17.21

thanks @juanpicado !

dependabot[bot]

comment created time in 4 days

PR opened siemens/gencmpclient

docs: use github within submodule example

Motivation

use github within submodule example

Proposed Changes

(Write out the details of your proposed changes here.)

Test Plan

(Please provide clear instructions on how to verify that your changes work.)

+1 -1

0 comment

1 changed file

pr created time in 5 days

create branch siemens/gencmpclient

branch : docs/use-github

created branch time in 5 days

PR opened siemens/gencmpclient

docs: use example.com as per rfc2606

Motivation

Use example.com instead of my-company.com as per https://www.rfc-editor.org/rfc/rfc2606.html

Proposed Changes

(Write out the details of your proposed changes here.)

Test Plan

(Please provide clear instructions on how to verify that your changes work.)

+1 -1

0 comment

1 changed file

pr created time in 5 days

create branch siemens/gencmpclient

branch : docs/example-rfc2606

created branch time in 5 days

issue comment OAI/OpenAPI-Specification

AsyncAPI as part of OpenAPI ?

Thanks for the insights and the link to your presentation on the topic!

bufferoverflow

comment created time in 9 days

create branch siemens/puppet-pam_pkcs11

branch : refactor/pdk-upgrade

created branch time in 10 days

issue comment OAI/OpenAPI-Specification

AsyncAPI as part of OpenAPI ?

@fmvilas Could you maybe share your thoughts on this?

bufferoverflow

comment created time in 11 days

started butuzov/deadlinks

started time in 15 days

MemberEvent

pull request comment todogroup/ospolandscape

add siemens as an ospo adopter and todo member

cool, thanks @anajsana !

anajsana

comment created time in 25 days

push event bufferoverflow/ansible-collection-hardening

Roger Meier

commit sha daf9402fb8dbeb07d8cfcc0dd59ee098ed88d431

chore(ssh_hardening): set min_ansible_version to >=2.9.10

push time in a month

fork bufferoverflow/ansible-collection-hardening

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

http://dev-sec.io/

fork in a month

issue opened blockdiag/blockdiag

file existence disclosure using svg renderer

Using the svg renderer, file existence can be disclosed. This is especially relevant if running blockdiag on a server.

e.g.

blockdiag {
    A [label = "not exists", background="/etc/test"];
    B [label = "exists", background="/etc/passwd"];
}

does show: Screenshot 2021-08-16 at 17 07 51

Relevant code in https://github.com/blockdiag/blockdiag/blob/master/src/blockdiag/imagedraw/svg.py#L250

created time in a month

MemberEvent

created repository siemens/libsecutils

Wrapper library for commonly used OpenSSL functions

created time in a month

started authelia/authelia

started time in 2 months

issue comment siemens/sentry-auth-oidc

Dependency mismatch with six

@dlouzan @max-wittig as I'm on vacation soon, maybe you could have a look at this?

Centzilius

comment created time in 2 months

issue comment siemens/sentry-auth-oidc

Dependency mismatch with six

@Centzilius feel free to provide an MR to fix this. We will look into this later this month.

Centzilius

comment created time in 2 months

PR opened json-api/json-api

docs(implementations): remove jsonapi Django module

last commit on https://github.com/pavlov99/jsonapi is 5 years ago so I think this should not be listed

+0 -1

0 comment

1 changed file

pr created time in 3 months

PR closed bufferoverflow/json-api

docs(implementations): remove jsonapi Django module

last commit on https://github.com/pavlov99/jsonapi is 5 years ago so I think this should not be listed

+0 -1

0 comment

1 changed file

bufferoverflow

pr closed time in 3 months

PR opened bufferoverflow/json-api

docs(implementations): remove jsonapi Django module

last commit on https://github.com/pavlov99/jsonapi is 5 years ago so I think this should not be listed

+0 -1

0 comment

1 changed file

pr created time in 3 months

create branch bufferoverflow/json-api

branch : bufferoverflow-patch-1

created branch time in 3 months