August 7, 2023: We reported our findings to the caddy-security plugin maintainers.
August 23, 2023: The caddy-security plugin maintainers confirmed that there were no near-term plans to act on the reported vulnerabilities.
Uh-oh. That includes using broken rng?!
idd: https://github.com/greenpau/caddy-security/issues/265
Looks like an extremely usegull plugging for middized organizations. Caddy really is becomming my favorite webserver. It is both easy to configure, and hardly needs to be configured due to the defaults usually fitting my needs just fineā¦
Uh-oh. That includes using broken rng?!
idd: https://github.com/greenpau/caddy-security/issues/265
Looks like an extremely usegull plugging for middized organizations. Caddy really is becomming my favorite webserver. It is both easy to configure, and hardly needs to be configured due to the defaults usually fitting my needs just fineā¦