Oddbean new post about login | logout When are we going to take Rust parsing seriously? Firefox 117.0.1 (and also Chromium, which means all Electron apps) had to fix a libwebp buffer overflow that could lead to remote code execution, and now Firefox 118.0.1 (and also Chromium, which means all Electron Apps) has to fix a libvpx buffer overflow that could lead to remote code execution _just two weeks later_. These are just two C libraries used by ALL browsers and many programs, handling remote input in an unsafe way!
@0af6133c sad that Firefox seems to have stopped adding more new Rust components (or at least this page was last updated nearly 3 years ago https://wiki.mozilla.org/Oxidation) #rustlang #firefox