Lazy Admin - lazyadmin@zotadel.net

General: This is the home page of a channel. It is similar to someone's profile "wall" in a social network context. Posts created by the channel are displayed according to the observer's viewing permissions.
Create a Post: If you have permission to create posts on the channel page, then you will see the post editor at the top.

Help

Lazy Admin

Sun, 03 Feb 2019 15:43:03 +0100

Mario Vavti wrote the following post Sun, 03 Feb 2019 15:20:37 +0100

Hubzilla 3.8.9 Released!
Fixes:

Fix typos in mod oep
Fix page jumping when liking collapsed/expanded post
Fix failure to import mail in mod import
Fix wrong channel count in mod new_channel
Fix diaspora addon regression
Remove deprecated diaspora addon endpoint
Fix wrong function call in gallery addon

Please update ASAP!

!Hubzilla Announcements !Hubzilla Support Forum

Lazy Admin

Sat, 15 Dec 2018 10:33:22 +0100

Mario Vavti wrote the following post Fri, 14 Dec 2018 22:03:08 +0100

Hubzilla 3.8.7 Released!
Changes:

Fix issue with linkdropper in comment area
Fix regression with app ordering
Fix return if readImnageBlob() throws an exception
Introduce photo_view_filter hook
Fix home notifications not expanding in certain situations
Fix for dark schema
Fix total identities restriction
Fix article page title not updating if article has no title
Gallery: the gallery app will now act as the full-size photo viewer in /photos if installed

Please update ASAP!

!Hubzilla Announcements !Hubzilla Support Forum

source code

ivan zlax

Wed, 05 Dec 2018 12:55:01 +0100

I repost old article, as in one of the threads it is necessary to identify the terminology. I hope someone else may find this interesting.

ivan zlax wrote the following post Wed, 12 Nov 2014 06:01:00 +0100

source code

There is no government, no industrial-military complex, no economic system, no mass media that can ever reduce us to puppets and robots as thoroughly as the biological and enviornmnetal dictatorships have – F.M. Esfandiary (FM-2030), Upwingers

Hello friends! In this post, I will tell you about a model that someone can possibly find an effective instrument of social interaction. And in order to get used to this model, we must first discuss some concepts related to the field of information technology.

The computer software is:
A program (from Greek programma, “a written public notice”) – in computer science, this is a set of instructions intended for execution by a machine. In general, we call a program some application provided with a user interface.
A process – typically, this means a program that lacks any graphical user interface, while repeatedly accessing the physical memory and hardware resources, and performs some operations in the background mode.
An operation system – a computer’s main program that defines the scope and the procedures for running all other programs and processes.

Hereon, we need to consider the following two kinds of operation systems:
A proprietary system (from Medieval Latin proprietarius, “owner of property”) – this is a system developed and distributed by a specific proprietor (e.g., Apple or Microsoft). The source code of a proprietary system is sealed and inaccessible to anyone, except for the proprietor itself.
An open-source system – it is available for public access, does not belong to anyone, has all its source code accessible and open to change.

It is also worth mentioning that there are two levels in an operation system:
The user level – this includes a conventional desktop, end-user applications, the input and output of data via the graphical interface. A user is allowed to install, run and restrict the access to resources for programs to which he or she has access.
The core, kernel (heart) level – this level is unavailable to a user, it typically lacks any visual representation and hosts a multitude of system processes. In proprietary systems, only the owner has access to the core level, while in open-source systems this may be a special user granted with extended authority, named Root. We have almost finished explaining the terminology by now…

So, in proprietary systems, background processes that consume the processor resources and physical memory are called “Services”:

Meanwhile, in the proprietary systems users do not have access to the core services. A user cannot reduce the consumption of resources, release the memory or disable a system service; only the proprietor can gain the access to core services.

Now, in the open-source systems, the background processes that consume the processor resources and the physical memory are called “Daemons”:

If a user of an open-source system knows the Root password (of a super-user), he or she becomes enabled to kill/freeze any daemon, limit its consumption of resources and memory, and even reassemble the core with applying to it the necessary custom settings.

And finally, let’s take a look at an effective model:

Replace the “computer software” at the beginning of this post with “bio-computer software” and read the article anew. Next, try to answer the following questions:

-    are you authorized to command the core of your biocomputer?
-    is the source-code of your system open, or is it locked by a proprietor behind seven seals?
-    how many services/daemons must be attended by your biological hardware every day? Do their actions cost you memory and resources?
-    who is the specific proprietor of your services: parents, professors, priests, officers, mates, or somebody else?
-    would you like to obtain the Root password enabling you to personally exercise control over your own heart daemons, or would you rather like to continue relying upon the proprietor services?

Links:
J.C. Lilly. Programming and Metaprogramming in the Human Biocomputer
R.A. Wilson. Discussion How to Brain-Wash Friends & Robotize People

ODD# V/(a)/1,v;24Afm3180
#odd #science #erisian #timespace #biocomputer #programming #metaprogramming #opensource #software #bioware #future #infosec
original post@wp

ivan zlax wrote the following post Wed, 12 Nov 2014 06:00:00 +0100

Ни одно правительство, ни один военно-промышленный комплекс, ни одна экономическая система, ни одно средство массовой информации никогда не сможет низвести нас до уровня марионеток и роботов так, как это делает диктат биологии и окружающей среды. – Ф.М. Исфэндайри (FM-2030), «Верхнее крыло»

Привет друзья! В этом сообщение у вас есть возможность ознакомиться с моделью, которая для кого-то может стать эффективным инструментом социального взаимодействия. Но для усвоения этой модели потребуется сначала зафиксироваться и растолковать несколько понятий из сферы информационных технологий.

Программное обеспечение электронно-вычислительных машин это:
Программа — происходит от греческого «предписание», в компьютерах это последовательность инструкций, предназначенных для исполнения устройством управления. Как правило, под программой подразумевают какое-нибудь приложение с пользовательским интерфейсом.
Процесс (process) — чаще всего обозначает программу, не имеющую графического пользовательского интерфейса, но при этом постоянно использующую память и ресурсы аппаратного обеспечения, выполняющую какие-то действия в фоновом режиме.
Операционная система (operating system) — главная программа на компьютере, в рамках и по правилам которой работают все остальные программы и процессы.

Далее, стоит отметить, что есть два типа операционных систем:
Проприетарная система (proprietary software) — происходит от латинского «собственность», это система разрабатываемая и распространяемая каким-нибудь собственником (например, Apple или Microsoft). Исходный код проприетарной системы закрыт и доступен только собственнику, у пользователя нет доступа к исходному коду.
Открытая система (open-source software) — находится в публичном доступе, никому не принадлежит, весь ее исходный код открыт и доступен для изменения.

Также, стоит отметить, что есть два уровня в операционной системе:
Пользовательский уровень — это привычный рабочий стол, все эти приложения, ввод и вывод данных через графический интерфейс, пользователь может устанавливать, запускать или ограничивать потребление ресурсов программ, к которым у него есть доступ.
Уровень ядра, сердца (kernel, core) — это недоступный пользователю уровень, как правило, без графического представления, на котором работают множество системных процессов.
В проприетарных системах к уровню ядра имеет доступ только собственник, а в открытых системах специальный пользователь с расширенными правами по имени Корень (root). Осталось совсем немного терминологии…

Посмотрите, в проприетарных системах фоновые процессы, потребляющие ресурсы процессора и оперативную память называются «Службы»:

Вот только в проприетарных системах у пользователя нет доступа к службам ядра. Пользователь не может понизить потребление ресурсов, освободить память или отключить системную службу, к службам ядра может получить доступ только собственник.

А теперь посмотрите, в открытых системах фоновые процессы, потребляющие ресурсы процессора и оперативную память называются «Демоны»:

Если пользователь открытой системы знает пароль Корня (супер-пользователя), то он может прибить/заморозить любого демона, ограничить ему потребление ресурсов и памяти, да и вообще может пересобрать ядро с необходимыми ему параметрами.

И вот, наконец, пришло время для эффективной модели:
Замените фразу «Программное обеспечение электронно-вычислительных машин» в начале этого сообщения на «Программное обеспечение био-компьютеров» и перечитайте всё это ещё раз. И после этого попробуйте ответить на вопросы:

-    имеется ли у вас доступ к управлению ядром вашего биокомпьютера?
-    исходный код вашей системы открыт или находится за семью печатями у собственника?
-    как много служб/демонов ежеденевно приходится обслуживать вашему биологическому аппаратному обеспечению, ограничивает ли их работа вашу память и ресурсы?
-    кто конкретно является собственниками ваших служб: родители, профессора, священники, офицеры, супруг или может кто-то ещё?
-    хотели бы вы получить корень-пароль для самостоятельного управления своими собственными сердечными демонами или предпочтете довериться службам собственника?

Дополнительные материалы по теме:
Д. Лилли. Программирование и метапрограммирование человеческого биокомпьютера
Р.А. Уилсон. Как промывать мозги друзьям и роботизировать людей
ODD# V/(a)/1,v;24Afm3180
#odd #science #erisian #timespace #biocomputer #programming #metaprogramming #opensource #software #bioware #future #infosec
original post@lj

!Lazy Admin

english russian

needfulthings

Wed, 05 Dec 2018 14:20:28 +0100 from Diaspora

To what conclusions do you expect the answers of such questions should lead? Substituting current (isolated) software architectures with biological units (and their interactions) is worse than comparing apples with oranges.

ivan zlax

Wed, 05 Dec 2018 14:44:57 +0100

@needfulthings, this is stylization. With this text i am imitating style of popular writer Robert Anton Wilson. He, in turn, also used a popular educational technique - questions for fasten material at the end of a article.

In sum, i just use modern information technology concepts about open and proprietary programs, into the Programming and Metaprogramming in the Human Biocomputer Model by J.C. Lilly, which i refer to at the end, of course. This is where my creative ends. Minor modernization of a fairly old scientific model.

needfulthings

Wed, 05 Dec 2018 14:59:30 +0100 from Diaspora

Despite my confusion you succeeded in making me curious :) I will have a look at both docs for better understanding.

New Cache ATtacks on TLS Implementations

ivan zlax

Tue, 04 Dec 2018 09:41:40 +0100

#^https://www.cryptologie.net/article/461/the-9-lives-of-bleichenbachers-cat-new-cache-attacks-on-tls-implementations/
#^https://web.archive.org/web/20120204040056/http://www.bell-labs.com/user/bleichen/papers/pkcs.ps

At CRYPTO’98, Bleichenbacher published his seminal paper which described a padding oracle attack against RSA implementations that follow the PKCS #1 v1.5 standard.

View PDF

Over the last twenty years researchers and implementors had spent a huge amount of effort in developing and deploying numerous mitigation techniques which were supposed to plug all the possible sources of Bleichenbacher-like leakages. However, as we show in this paper most implementations are still vulnerable to several novel types of attack based on leakage from various microarchitectural side channels: Out of nine popular implementations of TLS that we tested, we were able to break the security of seven implementations with practical proof-of-concept attacks. We demonstrate the feasibility of using those Cache-like ATacks (CATs) to perform a downgrade attack against any TLS connection to a vulnerable server, using a BEAST-like Man in the Browser attack. The main difficulty we face is how to perform the thousands of oracle queries required before the browser’s imposed timeout (which is 30 seconds for almost all browsers, with the exception of Firefox which can be tricked into extending this period). The attack seems to be inherently sequential (due to its use of adaptive chosen ciphertext queries), but we describe a new way to parallelize Bleichenbacher-like padding attacks by exploiting any available number of TLS servers that share the same public key certificate. With this improvement, we could demonstrate the feasibility of a downgrade attack which could recover all the 2048 bits of the RSA plaintext (including the premaster secret value, which suffices to establish a secure connection) from five available TLS servers in under 30 seconds.
This sequential-to-parallel transformation of such attacks can be of independent interest, speeding up and facilitating other side channel attacks on RSA implementations.

Linux.org.ru: Новости wrote the following post Tue, 04 Dec 2018 08:56:35 +0100

CAT - атака на TLS по сторонним каналам
#^CAT - атака на TLS по сторонним каналам

Международной группой исследователей была разработана новая схема атаки для перехвата закрытых ключей TLS. Исследователи из Израиля, Австралии и США модифицировали старый метод атаки на RSA (Padding Oracle attack), предложенной Даниэлем Блейхенбахером (Daniel Bleichenbacher) два десятилетия назад.

CAT предполагает параллельное применение нескольких атак Padding Oracle (расшифровку шифрованного текста для восстановления открытого текста путем отправки нескольких манипулируемых зашифрованных текстов), что в результате позволяет извлечь закрытые ключи шифрования при соединении, защищенном протоколом TLS. Основное отличие заключается в том, что для ее осуществления атаки нужно иметь доступ к уязвимой системе (с помощью уязвимого или вредоносного ПО).

В теории, с помощью данного способа злоумышленник может похитить токен аутентификации для доступа к учетной записи пользователя (например, в Gmail) и перехватить соединения или контроль над аккаунтом. За прошедшие годы разработчики реализовывали различные меры защиты от атак, но как оказалось, их можно обойти с помощью информации, полученной в атаках по сторонним каналам на кэш. С помощью сочетания атаки FLUSH+RELOAD(атака на кэш, когда отслеживается доступ к данным в совместно используемых страницах памяти), Browser Exploit Against SSL/TLS (BEAST) и предсказания переходов исследователям удалось понизить версии реализаций TLS в семи из девяти популярных библиотек (OpenSSL, Amazon s2n, MbedTLS, Apple CoreTLS, Mozilla NSS, WolfSSL, GnuTLS). Атаки же на BearSSL и BoringSSL не дали результата. Уязвимости получили идентификаторы CVE-2018-12404, CVE-2018-19608, CVE-2018-16868, CVE-2018-16869 и CVE-2018-16870.

PDF с описанием атаки

Оригинальная новость от одного из авторов

openssl, tls

!Lazy Admin
#infosec #software #opensource #future #past #tls

english russian

Lazy Admin

Mon, 03 Dec 2018 12:39:43 +0100

Mario Vavti wrote the following post Mon, 03 Dec 2018 12:32:15 +0100

Hubzilla 3.8.6 Released!
Changes:

Prevent incompatible export files (osada/zap) from being imported
Catch exception if readImageBlob() receives bogus data
Streamline PDF previews
Allow notification filtering by name or address
Fix too restrictive attached photo permissions
Update ES translation
Use flex for the default template
Do not store serialized pconfig value received via to Module/Pconfig.php
Update jquery-file-upload lib and move to composer
Update imagesloaded lib and move to composer
Fix activitypub tag notifications
Fix call to undefined function in PConfig
Fix typo which prevented propagation of comments to zot6 (dev)
Activitypub: add support for pterotype (wordpress plugin)
Openstreetmap: check validity of lat+lon before rendering a map

Please update ASAP!

!Hubzilla Announcements !Hubzilla Support Forum

Lazy Admin

Mon, 19 Nov 2018 18:20:36 +0100

Mario Vavti wrote the following post Mon, 19 Nov 2018 11:33:12 +0100

Hubzilla 3.8.5 Released!
Fixes:

Fix pconfig SQL install schemas
Fix delayed publication of posts in combination with channel clones
Fix issue where photo filesize was not updated in the DB when a photo was edited
Fix issue where the original photo size was not set correct in the DB
Fix delivery issue in zot_fetch()
Fix typo in channel reputation addon

Important: new installs with version 3.8.4 require manual interaction by the hub admin.

Due to a missing entry in the SQL install schema it is required to execute the following SQL
for MySQL installations:

ALTER TABLE pconfig ADD updated datetime NOT NULL DEFAULT '0001-01-01 00:00:00';
ALTER TABLE pconfig ADD INDEX pconfig_updated (updated);

for PostgreSQL installations:

ALTER TABLE pconfig ADD updated timestamp NOT NULL DEFAULT '0001-01-01 00:00:00';
CREATE INDEX 'pconfig_updated_idx' on pconfig ('updated');

Those steps are only required if you did a new install with Hubzilla version 3.8.4!

We are sorry for the inconvenience!

Please update ASAP!

!Hubzilla Announcements !Hubzilla Support Forum

Lazy Admin

Wed, 14 Nov 2018 18:32:50 +0100

Mario Vavti wrote the following post Wed, 14 Nov 2018 11:38:31 +0100

Hubzilla 3.8.4 Released!
Changes:

Fix xss issue (thanks to Eduardo)
Implement hook in enotify to be used by superblock
Various css fixes
Improve photo cache handling
Provide function hz_syslog() to log to syslog
Fix request_target in z_post_url()
Fix plural handling for various languages
Some preparatory work for zot6
Fix warning in gallery addon
Fix date issue on xchan photo update in diaspora and pubcrawl addons
Fix typos in startpage addon
Improve activitypub addressing
Fix taxonomy in activitypub direct messages
Fix syntax error in diaspora addon
New e-learning addon flashcards
Remove DNS check for database connection during installation
Implement timestamps for pconfig

This release includes security fixes.
Please update ASAP!

!Hubzilla Announcements !Hubzilla Support Forum

cURL-7.62 HEADS UP!

Mario Vavti

Wed, 07 Nov 2018 15:10:13 +0100

We are seeing issues with the last cURL release in combination with Hubzilla.
There is a open bugreport here to track this issue: #^https://framagit.org/hubzilla/core/issues/1291

The recommended workaround for now is to stick to version 7.61.1 until the issue is resolved.

!Lazy Admin !Hubzilla Support Forum

show all 27 comments

Grouchy

Wed, 07 Nov 2018 15:59:14 +0100

The issues seems related to Curl being built with HTTP/2 support. If you can disable HTTP/2, then it appears to work. For FreeBSD users, recompile curl and deselect the HTTP2 option. YMMV

Max Kostikov

Wed, 07 Nov 2018 16:01:27 +0100

The issues seem related to Curl being built with HTTP/2 support.

Maybe but we never was affected before 7.62

Mario Vavti

Wed, 07 Nov 2018 17:45:26 +0100

Possibly related to this commit?
#^https://curl.haxx.se/mail/lib-2018-07/0027.html

Mario Vavti

Wed, 07 Nov 2018 17:51:32 +0100

Maybe there is no need to recompile if we set the curl option CURLOPT_HTTP_VERSION to CURL_HTTP_VERSION_1_1

Grouchy

Wed, 07 Nov 2018 18:10:57 +0100

Maybe, but where is CURLOPT_HTTP_VERSION defined in the Hubzilla code?

Max Kostikov

Wed, 07 Nov 2018 18:17:54 +0100

As far we have this issue with only PHP 7.2 + cURL 7.62 combination so I believe we no need to fix Hubzilla code.

phani (Hubzilla)

Wed, 07 Nov 2018 19:50:22 +0100

i'm using PHP 7.2 but cURL is still at 7.58. i hope nothing requires cURL == 7.62 when that comes up...

Mario Vavti

Wed, 07 Nov 2018 21:22:13 +0100

CURLOPT_HTTP_VERSION this a curl specific constant iirc.

The question is if the actual issue is in curl, php or hubzilla.

The only thing i am sure of is that curl issues are a pita to debug...

@phani (Hubzilla) don't worry...

Mike Macgirvin

Wed, 07 Nov 2018 23:54:44 +0100

I've managed to debug them in the past by logging on specific or predetermined urls.

Harald Eilertsen

Thu, 08 Nov 2018 13:07:57 +0100

I can confirm the issue on php 5.6 as well. I'll try setting the env var when I get back to the office.

Harald Eilertsen

Thu, 08 Nov 2018 16:45:35 +0100

Added env CURLOPT_HTTP_VERSION=CURL_HTTP_VERSION_1_1; to my nginx config, but does not seem to make any difference...

Mario Vavti

Thu, 08 Nov 2018 16:54:26 +0100 last edited: Thu, 08 Nov 2018 16:55:25 +0100

Those are curl options. See here: #^https://secure.php.net/manual/en/function.curl-setopt.php

Max Kostikov

Thu, 08 Nov 2018 17:10:11 +0100

@Mario @M. Dent
How about to add system variable [system][curl_http_version_2] with default 0 as 'HTTP/2 switched off'?

Mario Vavti

Thu, 08 Nov 2018 18:18:56 +0100

Sure... If it works at all with this option set...

Max Kostikov

Thu, 08 Nov 2018 18:36:33 +0100

Sure... If it works at all with this option set...

I did grep over Hubzilla code and found that cURL used in few places and modules.
May be will be a good idea to have system-wide cURL default options.

Mario Vavti

Thu, 08 Nov 2018 18:43:01 +0100

IIRC there need to be different options in different places under different conditions...

Mike Macgirvin

Thu, 08 Nov 2018 20:33:34 +0100

This is a completely separate dev task I've started on (literally "just started on" a few days ago), but my plan is to move curl into an object and turn the options into a CURLOPT array and move the $recursion argument to the end, and drop the binary flag on get (no longer needed).

Then CURL::get($url,$opts{,$recursion}) and CURL::post($url,$data,$opts{,$recursion}) will both set meaningful defaults and acts the same as it does now but something in $opts can over-ride the defaults. The only place it gets messy is a couple of custom options which set more than one CURLOPT for a particular task or aren't exactly related to CURLOPT (such as proxy settings). We can't be enumerating every possible CURLOPT so we will only provide over-ride logic for those we are defaulting and then set the whole array without even looking at it.

In this scenario,CURL::post() could be implemented completely using CURL::get() with a couple of additional arguments and avoid a lot of code duplication like there is now.

We can certainly manually set the http version now and offer an over-ride mechanism. Anyway keep this in mind. I won't be able to touch it until Zot6 is stable.

Mario Vavti

Sun, 11 Nov 2018 15:19:07 +0100

I did some testing and setting curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); in z_fetch_url() and z_post_url() seems to fix the issues i have been seeing so far.

But - cURL is not only used in our code. We also use libraries that use cURL. That means that there is some potential that other things will break also and there is no way to set this option globally...

Looking at cURL issues i don't get the feeling that this will be fixed anytime soon if it's a cURL issue at all. See #^https://github.com/curl/curl/issues/3253#issuecomment-437626311

Suggestions?

Bob Mottram 🔧 ☕ ✅

Sun, 11 Nov 2018 15:24:45 +0100 from ActivityPub

@mario I had a breakage related to curl and http/2 earlier.

Is there something going on with curl?

Manuel en todon.nl ? ?

Sun, 11 Nov 2018 15:32:35 +0100 from ActivityPub

@mario
An ignorant question, Mario: couldn't you cut the Gordian knot and use an alternative? I think of something like wget... I'm sorry for my daring ☺

Mario Vavti

Sun, 11 Nov 2018 15:33:39 +0100

@Bob Mottram 🔧 ☕ ✅ cURL is making http/2 requests by default since version 7.62
Prior to this version the default was http/1.1

Mario Vavti

Sun, 11 Nov 2018 15:37:30 +0100

@Manuel en todon.nl 📰 📚 cURL is a library, wget is a commandline tool. So that is no alternative (and i am not aware of any actually)...

Bob Mottram 🔧 ☕ ✅

Sun, 11 Nov 2018 15:39:40 +0100 from ActivityPub

@mario Is there a way to stop that, other than using an older version? This could wreck a lot of stuff.

Max Kostikov

Sun, 11 Nov 2018 15:39:51 +0100

We can try a dirty trick with curl_setopt overide somewere in boot.php.

rename_function('curl_setopt', 'std_curl_setopt');
override_function(curl_setopt', '$ch, $arr', 'return hz_curl_setopt($ch, $arr);');

function hz_curl_setopt($ch, $arr) {
    // Override received options how it will required
}

Mario Vavti

Sun, 11 Nov 2018 15:49:37 +0100

@Bob Mottram 🔧 ☕ ✅ basically one can force cURL to use http/1.1 with an option.

Manuel

Sun, 11 Nov 2018 16:43:40 +0100

Now I see you! My mastodon comments don't, naturally, because I don't have the plugin enabled. I was scared, who would help me with my problems hubzillians with jazz in the background?

Klaus

Tue, 13 Nov 2018 13:58:40 +0100

Guzzle is used by many PHP projects. By default it also uses cURL, but can also operate on different HTTP handlers. Most projects use Guzzle for PSR-7 response and request interfaces.
I think Sabre had its own http protocol handler library, but I have no idea in which state this library is. As far as I know Guzzle is far more popular, but I am not sure it will solve the problem.

Lazy Admin

Mon, 05 Nov 2018 13:28:04 +0100

Mario Vavti wrote the following post Mon, 05 Nov 2018 10:39:27 +0100

Hubzilla 3.8.3 Released!
Fixes:

Do not count likes in forum notifications if likes notifications are disabled
Fix typo in spanish translation which broke javascript
Improve linkinfo charset handling and image detection
Fix wrong image resize for some external images
Move blueimp upload lib to composer and update to version 9.25
Remove primary/clone counts from admin summary until we have a mechanism to update the fixed counts
Fix html2markdown() and re-enable previously failing tests
Improve look of oembed content for Hubzilla links
Fix forum notifications count not correct
Fix gallery addon which broke mod apps in some situations
Fix wiki_list widget not working on every page respectively level