#general

make the cache your servers

just cache your website on cloudflare once and then stay indefinitely offline

So, I know that I tipple my words sometimes, if that upsets you, I have a challenge for you

https://www.youtube.com/watch?v=mJUtMEJdvqM

i couldnt watch after the first one

an book

which in my life is pretty much every single thing all the time

do you guys know why knife manufacturers are so innovative?

it's because they always come out with cutting edge technology.

0/10

If you're not already a father, I'd be tryna trace all those whom you've done the dance with as that's a sign

cat, most people here are like 14 or 15

they're not old fucks like we are

I come from a council estate

they should already be considering the 2nd now!

You know, surprisingly, there was only 1 pregnancy scare that I recall during school

meanwhile, I was a pregnancy scare

i was the only child my parents actually planned and i have 3 siblings

Doesn't help if a single request is already too slow

One thing we had an issue with at work, was that we didn't have metrics around time for internal requests (stuff like internal staff making changes etc)

That's fine as it doesn't touch the customer - but if the servers are being delayed for 3 seconds, every request the load balancer sent to that server is delayed too

We were seeing small blips in request latency that was very regional, turns out it was an internal automated task doing a large data retrieval and causing delays to one specific server

I can't recommend instana enough

The insights it gives are insane

TIL https://www.youtube.com/channel/UCjJn75rK6lUaYwal1Ald1gg

This morning vs yesterday morning

76% reduction in mean latency

I also can trace every single of those 13k calls thru all my systems

oh god, I just found the longer version of a classic vine

https://www.youtube.com/watch?v=ukDAfF0-8q8

https://xkcd.com/2552/

(DiscordBot) xkcd: The Last Molecule (8 December 2021)

well this is disturbing https://www.youtube.com/watch?v=MZ8giCWDcyE

probably loss of circulation to the optic nerve, should go see a doctor if it happens on a regular basis

we're already at dec 8th? wtf i am barely processing 2020

OH NO, ITS DEC 9TH

medical advice in paper general

dont worry im still stuck in 2019 somewhere

I mean, visit a doctor is good medical advice ig?

that's the only good advice in t here

the 'probably loss of circulation to the optic nerve' is very sus

even an ophthalmologist would not say that without examining lol

i mean i'm not in the netherlands so i have no idea what's really happening lel

did tell her to go to a doctor though

is that

is that ma boi thurston

i diagnose her with dumb

anyone know how to use overlays in MCAselector?
I want to show ChunkBukkitValues -> pluginname:key, min = 1, max = 200
but idk how todo it

and i, as medical doctor of paper, diagnose you with best

alright i gotta sleep, i have a thing to be up for tomorrow and it is not good that im still awake(TM)

bai

night simple

Lmao. If you have Pixel with MS Teams installed, where you are not logged in, Android will prevent you from calling 911
https://www.reddit.com/r/GooglePixel/comments/r4xz1f/pixel_prevented_me_from_calling_911/hnrvsr1/

Oh cool OnePlus 5 all over again.

At least I know my OP5 can call 911... even by accident.

rip anyone being stalked by a killer lel

Sherman: mom (doctor) thought it was to me not being fully healthy, breating in cold air rapidly cuz i had to hurry to the bus stop and not having had the time to eat breakfast

https://open.spotify.com/track/0TAHhMjG17P5pzlSm1sgSl?si=c8df5c08f3fe4718

best damn song ever

electronicboy, this one's for you https://www.youtube.com/watch?v=qh32sanojSk

oof

why is this so funny

what the fuck LMFAO

lol

I mean, this stuff is often just produced by random people who have the means to print shirts

especially if you can get people who don't care about licensing, and even more so if you're potentially doing stuff like that

The joy is that most people wearing stufflike that will be doing it for the kicks, like, album artist shirts

Not to say that there aren't some artists who have shirts out there which are dope af that you'd wanna wear even if you hated the band to all heck

sadly the print quality on my frums tshirt was horrible

Papa Franko.

Hello paper general

krusic how are you?

I'm alright. Still suffering a bit.

still in hospital?

Nope. Been home for about a week now.

Yea I hope ur doing better

Ay get well soon

@ashen cliff

best krusic

hello Broccolai

best broccolai

BEST @untold meadow

best @untold meadow

Daily AuthMe reminder: https://posili.me/i/2021-12-09_12-59-39.png

Daily reminder https://twitter.com/Ukraine/status/1468206078940823554?s=20

https://twitter.com/digidiplotaiwan/status/1468476586186129408?s=21

LMFAO

I love that meme

Let's see how well they age

Isn't Russia planning to invade Ukraine?

And china still pretends Taiwan is part of china too

oh noes

john lennon 1969 (colorized)

woooooo

our YK licenses have expired \o/

what is that?

Yourkit, profiler

Prolific

Who is gonna call them?

yourkit does their 100 eur commercial licenses in january right

yea, but, we get free ones

can anybody link that offline-mode bingo card

Oh right paper gets free ones

Yea I bought an education license a while about

Your kit is pretty nice software

If you do a full render on dynmap does it show everything

Or just chunks that have been loaded

i think it renders the whole world

it only loads generated chunks

it cant magically know what those chunks will be without them being generated lol

pain

linus is happy now

that layout really tickles my web dev

on one hand the beanies and mouse pads are in stock, on the other hand I kinda wanna wait until the maybe finally release the nice screwdriver

@ jake when

free ltt merch for community managers when

free ltt merch for core team

no

i'm not core

and mini already has enough

i mean paper team

my brain slow

run at 1Hz

i see my diagnosis was spot on

yes

My brain blank

you have brain?

damn

jealous

No me bot

i have migrated shogicraft to java 17 because im too lazy to support any version but latest

wee

intellij and gradle screamed at me

I only have two water bottles and a mouse pad, that's not enough, smh

i am still using a cheap Action mousepad

vertically.

Mini needs more?

Hey Naomi

Hey Owen

just gotta get better than mini, shouldn't be too hard

I don't need a desk mat, but it would be nice to have one 😄 I do want a water bottle and a beanie tho

Aren't the beanies always sold out anyways?

What's the best server client including a decent front end in your guys opinions? Preferably running in a docker container

I was looking at shoes because as I found out today my sneakers are
1 - not really good thermal insulators
2 - not watertight (thanks 15cm snow over night) and I think I found the perfect ones

not right now

i have those

ofc

Time to code in dart

ive had them for like 7 years or so

they just keep going lmao, cant break down plastic

meanwhile the other end of the spectrum in case I wanna drop a car on my feet

do they have steel toes?

Nvm this engine looks stupidly awful

The website doesn’t even work properly on phone how did they partner with google

steel toes, heat resistance up to 300C, oil/gasoline resistant. you know, if you have to walk through burning gasoline

happens to me all the time

just yesterday

you'd be surprised how often that happens

exactly

they look kinda pretty tho?

not bad

How ya doing!?

fixing minecraft shogi to make it slightly more performant

why

Thinking

because it's borked and ugly

and i have nothing else to do

I’m in class rn, gonna get ready for exams. x)

https://naomi.s-ul.eu/XHrKywjq i believe i messed up here

Interesting, what game is this?

Idk what shogi is x)

it's chess

but japanese and better

but yeah i realised i can make a lot of methods in shogicraft static yesterday night lol

decreased jar size by 2kb

cool, that's all fixed now

i can release 1.0.2

kinda makes me wish we had static classes like C# does

not the static inner classes

its just syntax sugar though? just forces you to make every method in the class static, doesnt do anything else

oh

i thought it worked different under the hood too

kek

not that i know of

and i wished Enums in C# were more like in java haha

they can only have numeric values in C#

Ahh

i have almost never used enums before in any language so i can't tell xd

Enums in java kinda are pain sometimes

I really wish they supported generic types

why do you want an enum of T

that's cursed

No like

T

lel

Ok look at JEP 302

Basically being able to

enum Argument<T>

THING_1<Integer>()

We need 1.18 ASAP

Does anyone know release date?

.downloads

https://papermc.io/downloads

maybe open your eyes if ur so needy

^

Not experimental tho

well tough luck

my server crashes every 30 mins

Then report those crashes

And go to #❗-1-18-experimental

Not here

report them so they can fix it lol

Hm

my test server still has not crashed a single time B)

welp it's Paper + a new version of minecraft, should be expected xd

• a new version of Java

mine has crashed more than stayed online lol

rtp devs:

true

i blame deez nuts

17 has been stable for me all this while tbh

kinda sucks that I can't compile the JVM with gcc on windows though

use clang!

Me wanting to test stuff on 1.17: sorry we only support up to j15, ok starts server with j15, sorry your plugin has been compiled with a newer version of java
me: reeee

wat

isn't 1.17 j16

1.17 uses java 17

i use the ucrt gcc branch of mingw cuz it uses the newer Microsoft runtime library and it's kinda convenient

whatever im gonna play roblos and wait for The Boys™ to join

don't really feel like using clang yet, and even if i did you can't compile the JVM with clang either on Windows :/

how come

# These toolchains are valid on different platforms
VALID_TOOLCHAINS_linux="gcc clang"
VALID_TOOLCHAINS_macosx="gcc clang"
VALID_TOOLCHAINS_aix="xlc"
VALID_TOOLCHAINS_windows="microsoft"

yeah I've tried tricking the configure script into thinking that gcc is a valid windows compiler before and it ends up trying to run gcc as MSVC lmao

Minecraft Now in 2 hours.

U gonna give us a summary afterwards?

Cause like, I refuse to listen to TikTok people

x) for real

Cause like, I refuse to listen to TikTok period

haha sherman you have to use msvc

well to compile the JVM anyway

i use ucrt otherwise

still can't find a decent front end/minecraft server manager

pterodactyl

thanks man, that looks like exactly what i was looking for

attempted to install AMP earlier bc it said it was free, aparently hasnt been free in forever

• finishes install process
• asks for key

oof

did the grub thing for wings and killed the server lmao

What happened to this pr? https://github.com/PaperMC/Paper/pull/5029

aaaannndd, it was something running on my pc blocking lan connections

ah

hesitancy to do it if mojang is going to do it differently i’d assume

The patch, in general, is fine, afaik the only real remaining issues are tryna deal with the side-effects of ID 10 T

won't be ever merged probably, because there's no way to make spigot shit itself when it sees zstd/lz4 region files

The thing was brought up with mojang and they seemed kinda interested in it, but it puts us into this fun weird position where, say, if you go back to vanilla, it'll just toast the world more or less (and we've already had enough issues with people doing similar things to their worlds and expecting a "fix"), as well as the annoyance of having a patch which is literally "if (compressionType = 123) compressionType = 1" forever in the codebase

We've already got that horror with the oversized regions patch in which we're probs gonna need to maintain for eternity

if (compressionType = 123) compressionType = 1
xd

Hey, I was just trying out the new 1.18 release, but it keeps crashing (only in certain regions though, and after a random time). Going off the stacktrace, the error should be coming from this part random.nextFloat(100.00F / level.spigotConfig.glowBerryModifier) (https://github.com/PaperMC/Paper/blob/7c8fdc1fb60212217e26040593b03d30642b5bcd/patches/server/0820-Fix-kelp-modifier-changing-growth-for-other-crops.patch#L28). Looking online shows nextFloat shouldn't have a parameter. I am running this inside the openjdk 17 alpine docker image. Am I missing something?

Mind sending the stacktrace in #❗-1-18-experimental?

Sure, one moment

BTW, this happened on both an existing world, as well as a new one

the argument nextFloat takes should be the maximum value it can return btw

answered you in #❗-1-18-experimental

Zzz

Hi!!

@spiral robin final over?

3 more, 2 today 1 tomorrow

i wonder how much zstd or LZ4 compression of region files speeds chunk loading up? it would also be nice to have smaller region files

Thank you for asking tho ❤️

compressing/decompressing with zstd is so much faster than gzip

Good morning

I'm tired as fuck

go back to sleep

Same

💤

No

I have to go to campus soon and blow up liquid nitrogen with my professor

Someone already implemented this and benchmarked it 😛

Results please

Well, I guess I don't know if they were measuring decompression of cached/in memory data or the whole loading and decompression process

Where can I find them?

https://github.com/PaperMC/Paper/pull/5029 is the last version of the PR, https://github.com/PaperMC/Paper/pull/2814#issuecomment-570751804 was the benchmarks

I think Paper should at least do the tweak to zlib compression level

It makes the compression ratio and decompression times very slightly worse but cuts the compression time in half

Although those numbers might be different on 1.18

God damnit YouTube, I wanted to chill, not start crying uncontrollably https://www.youtube.com/watch?v=Vv7e3E6fgfY

@twin lagoon @warm anchor

googles ads are so infuriating, finding actual results is such a pita sometimes

Good luck on ur next exams tho!!

I have my French final x)

i had to scroll 2x the window size to get to the first actual result on googling “ups label creator”

actually the first page has 9/12 links as ads. the first 5, then the final 4…

when do you think purpur will come

because my server is fully optimized on paper 1.18

and gets 11 tps on 8 people

This is paper, we don’t know.

purpur doesn't do shit for optimization

^ that too

yes they do

if you get 11 tps on paper you'll get 11 tps on purpur

they don't

yes they do they have different software

Yea rly they don’t

They just offer a bunch of extra features

i launched three servers before

same specs

But not optimizations

it's based off of paper and the only thing they add is bloatware that should've been in a plugin

on paper it lagged like crazy

Your testing is improper.

then i finaslly discorver purpur

and used same optimizations

that was probably before tuinity was merged into paper

propaganda

and i get steady 20 tps

on more people

was that 1.16 or 1.17 when you found out about purpur

1.17

and purpur has a tps ctach up system

spigot has tps catchup too

you dont know what you're talking about

Yea..

basically of a server tps drops

Purpur just let’s you disable it

This literally has existed for years

bruh this is how much my server is using

that's normal

out of what imgiving it

ok

I’m not sure what you are expecting out of this convo x)

tuinity was merged into paper on 2021-08-31 so if you used purpur before that it makes sense

yea until

well, provide timings

chuck em in paper-help

someone will figure your shit out

so its not server performance

Pretty sure Purpur is or used to be basrd on airplane

Used*

It uses to be based on airplane and trinity

trinity

brocc 🥺

😠

expalin this

micheal ?

x

Typing without looking on keyboard

and how it give sthis

Yes some useless stats, this means nothing

your server isn't supposed to be using 700% CPU 24/7

What’s wrong?

dude what are you even talking about

so i don't see much wrong

its nto using it

that's normal

its how much it can use

but it dioesnt need it

correct

Hi broc!! 😍

i can assure you michael knows at least 1000000x more about servers than you

your server doesn't need more

hello OWEN !

it will use up more when it needs to

it does not need to

yea but it does have more

it has more yes

yet with paper every single server i used with it

it got 11 tps

provide timings

and someone will help you out

whwn i crossed 10 players on

i do have timings

then send them

its saying entity

send them

https://timings.aikar.co/?id=a388c7039e84488c8979f30b5b6dcbb9

severely outdated version of 1.18

1. You're 30 builds behind, update

timing cost 250 lmao

oh but ist enity count

flags: -Xms128M -Xmx20000M
use equal xms & xmx memory allocations

that breaks it

??

oh

check your sheep count / use farmlimiter

what are you hosting this on, 900 entities shouldn't be an issue for most cpus

I’ll be waiting for my $12 million seed round from a16z https://mobile.twitter.com/holman/status/1467958306119421956

wait

the hsoting im using

doesnt show what specs

but im pretty sure its from hetzner

😬

that's a red flag already

what host are you using

witehr hosting its not a red flag

my friend works there

the fact that you don't know your cpu is a red flag

hes also my dev

Not telling your customers which hardware you're using is a big red flag ^

maybe they do

but idk where to check

why not ask your friend

https://client.witherhosting.com/cart/minecraft-premium/

they indeed do not mention it anywhere on their pricing page, that's a major red flag

https://witherhosting.com/Hardware.html?

okay that's better

are you on budget or premium @dawn pond

no although premium just gives u more locations

no it gives you an entirely different cpu

if you use budget, that's the reason you're lagging

oh yea

if you use premium you have a different issue

its not

mf

if you use budget you're getting a shit cpu that you also have to share with other customers

cause if you didn't read what i sent

my freiends works there

ok

he gave me a main domain

and he trys to keep me

bad news

on an unoccupied node

your friend gave you a shitty server

look if you're on a budget server it's simple

you have a horrible CPU that will not handle 1.18 properly

dude its not the node

its not even using

the specs

i give it

the cpu usage you're looking at is irrelevant

that's not how this works

if it was that simple everyone would be using raspberry pis to host their servers

you have a cpu from 2011

designed for stuff like webhosting

yes, that's horrible for minecraft

my minecraft server is accessible from the web, how could it not be designed for it, smh my head

what about a i7-7700 intel

cpu

that's better

hmm

would 15 gb of ram be enouygh for the server

plenty

ok maybe i should ugrade to premium

you definitely should if you want consistent, good performance on 1.18

hmm ok

this would be better?

the 5950x is one of the best cpus you can get yes

one sec

im talking with my friend

i wanted to end my life when server start first lagging

we made such a great launch

and 48 people

then lag

i want to end my life after this conversation in paper general too

so that's understandable

relatable

@twin lagoon

@viral hornet

lol

so server is gonna be 30 dollars plus dev costs 16 dollars

pain

the only reason i use wither hosting is cause of multi servers

bloomhost has that aswell

and it's a lot better of a host

i have an i7-700 cpu and 32 gb ram server under my feet

but my ip chnages alot

and last time i used it

a team called whitelist team

ddosed my home network

every time ip resets and i connect it to teh domain

it gets ddosed

like elgit

Use a service like tcpshield then

these morons set up a bot

yea i did

but it causes lag

so i would turn it off secretly

but these guys set up a bot

that pings my domain every two hours

this is as bad to say as calling purpur having better performance IMO

and ddoses that

wow great quote discord very good

.

legit absolute no life's

what

.

what

they set up a bot to ddos my domain every two hours

when i used my own server to host

just pointing it out, not gonna argue about it

i dont understand your sentence tbh barty

can you rephrase it

maybe im just tired

sure, it was a rough sentence. i’m saying michael saying purpur is bloatware and adds stuff that should only be done with plugins is in my opinion just as bad and misinformed as that guy saying that purpur is a performance fork

thank you, that makes more sense

that does make more sense yes i was actually confused about your sentence

Do you really need a feature that damages you if you run with scissors in your hands though...

I mean it's dangerous to run around with scissors...

it definitely adds stuff that can be done via plugins, but it also adds api, bug fixes, and stuff that is really hard to do via plugins

True, but that could be a plugin

so i guess you can call it bloat if that’s what you consider bloat, but there’s a lot of stuff in there that can’t be done via plugin

Just joking around never used purper

Wait so I have a question about paper 1.18

Where nay I ask

#❗-1-18-experimental

I feel like extremely modding gameplay directly in the server instead of implementing API which plugins could utilise the same doesn't really help the overall ecosystem

Thanks

one example is there’s an option to prevent mushroom blocks, note blocks, etc from having their block states update. not really easy to do via plugin because a ton of redstone stuff causes block state updates without sending physics updates/events

(but even that is just not all about it, they add some api too so ¯_(ツ)_/¯)

rideables also sound really difficult to do without modifying the server itself

just implement a Entity#setControlling(Player)

https://github.com/PurpurMC/Purpur/blob/ver/1.17.1/patches/server/0107-Add-predicate-to-recipe-s-ExactChoice-ingredient.patch

i also really like this patch

helps with recipes a lot

just steal it

runs

i really don’t want to have to maintain my own fork on top of everything else. i have been working on a major plugin rewrite on my server for almost 3 months now

(I was more taliking about stealing it for Paper/Spigot xD)

oh yeah if purpur ever dies i will be really annoying

does anyone know docker I have a new problem with it

about accessing localhost properly

and why I can't

because they are containers?

localhost for the container or localhost for the host machine?

host machine

the whole goal is NOT to expose your local stuff

shhh

I know I can alias host.docker.internal or something

but the issue I'm having is

a container is running on say

cont.xyz.net

and it needs to access something at other.xyz.net

and it can't

how do I fix?

set up the network interfaces it forwards properly I guess

docker networks?

that's a section of compose I've never messed with

Hi guys. I want to install linux but idk which distro, I have a very small knowledge with ubuntu. I want this to be my "workstation". Any suggestions?

pop os

wait so if I put cont.xyz.net and other.xyz.net and the Traefik manager all in the same network will it work?

Just look out for nuking the os while installing steam

They actually changed it so you can no longer nuke those types of packages

Lmao

wdym?

wasn't there a website tracking the Linus patches

https://arewelinusyet.com

found it!

https://www.youtube.com/watch?v=ZNrtP4lNmAE Gets released before the update comes out what?

I mean, lime is a mojangsta™️

So he probably knows if there are going to be any more changes before they push this out

The twitter post is like 1.18.1 is out and it isn't.

the prerelease is out

https://minecraft.fandom.com/wiki/Java_Edition_1.18.1_Pre-release_1

Where have you been?

It is on RC2

lol

The video has been deleted.

the video is hidden

or hidden but he did too early.

now ready for 1.19

The Wild Update is the name of an upcoming major themed update set to release in 2022 as Java Edition 1.19 and Bedrock Edition 1.19.0.[1] It adds the Deep Dark biome, along with the warden, sculk blocks and the Deep Dark Cities, and makes various other biomes more atmospheric and immersive in the world. In addition, it also introduces several new mobs and biomes variants.

https://twitter.com/slicedlime/status/1469003222002147337 lool

yeah

deep dark? they buying out the mod?

deep dark was supposed to be added in 1.17, maybe that mod was in response to it being delayed by years

deep dark dim mod has been around longer than 1.17

From Minecraft Wiki
Deep Dark
New biome at the "deepest depths of the world".
Originally planned for 1.17, then moved to 1.18, and was then postponed to 1.19 due to increased scope.
May not contain any water or lava aquifers.[26]
May be the rarest cave biome.[27]
Tends to generate under continental/mountainous areas.[28]
Generates exclusively within the deepslate layer between Y=-1 and Y=-64.[29]
Contains Deep Dark Cities.
Wardens can spawn there through the activation of sculk shriekers.
Contains all sculk-related blocks.
With the exception of spawners, no mobs other than wardens can spawn there, similar to mushroom fields.[19]
Deep Dark City[unofficial name]
New structure that generates within the Deep Dark.
Includes all of the Deep Dark features within it.
Made of deepslate and its variants, basalt blocks and its variants, planks, and wool.[30]
Contains soul sand, soul fire and soul lanterns.
Contains candles and skeleton skulls.
Contains chests with unique loot.[31]
The loot is intended to be items that cannot be found anywhere else, and that provide unique abilities and mechanics to players that weren't possible before and are not attainable by other methods.[32]
Contains the unknown frame block.
Has different levels and open spaces.
May have been built by an ancient civilization according to Brandon Pearce.[33]

am I thinking of a different mod?

isnt there a mod called deep dark where you build portal with compressed cobble and it has increased ore gen but hella mobs and the dark kills you

you probably thinking of this
https://www.curseforge.com/minecraft/mc-mods/deep-dark-dimension

oh it's in extra utilities 2

https://ftb.fandom.com/wiki/Deep_Dark

deep dark featuring deep dark city

https://twitter.com/discord/status/1469006075911311362 👀

wow

so fun

you know when you have a puzzle

and you are just so confused

that is me rn

Is the dude who made the deep dark dimension getting any credit for the new official deep dark

*dude or dudette

So I can throw a snowball at you!

I don’t need a bot for that

mining dim

thats where you dump your quarries and chill out

@void void ❄️

(I may have forgotten there is no snowball emoji wtf)

(But I threw a snowball at you)

🏂

@foggy silo

can we get this dumb bot added to here

won't cause chaos at all

Haha I got in I can fight back!!

anyone read r/maliciouscompliance?

You mean the one from extra utilities 2?

The naming is (probably) coincidental

It's just an underground biome, not a whole dimension

Mojang looking for a Senior Artist

Yeah what I meant, its too close to each other for me but its fair

did slicedlime release his 1.18.1 update video before it was released or smth?

yep

yes

that's hilarious

one of those things as a modder, sure a company as big as Mojang/Microsoft have these ideas written down years before they even start dev

uh nice, github now has star lists

it's almost as if that was a feature that bookmarks have supported for 20 years now

runs

😐

love this

Eventually reading garbage gets boring and a little disheartening

Enjoy it while you can

no

whats the bug?

Does this affect 1.16.3?

what is the exploit

exploit? 👀

what were the exploit used?

Why are you on 1.16.3 to begin with

well good that all my users use AutoPlug hehe

lol i saw the ping and instantly knew it would be a security risk

so

The inconsistency between and is triggering me

a log4j bug

gave LDAP access?

because they are wierd

what is this exploit

what if someone else does it for u

what does the exploit do?

they probably wont say

untill later

what was the exploit about?

when people update

is vanilla also affected or just paper?

Backport log4j bugfix

my server is dead so this won't affect me

nice

what does it do

lol

who pinged me!

mine too

true

there is 1.17 & 1.18... drop that old plugins xd

great; not sure what it is but there are currently 27 people on the SMP and idk what the issue is lmao

looking into it

Paper general average IQ dropping quickly

+1

-1

I feel like I'm getting dumber

who can exploit the exploit?

#announcements message it would be nice if you guys actually gave some more info, a blog post maybe

I’m just gonna not check this channel for a while

like players or plugin devs?

I'll miss you dap

Once Apache has a post they can link to it

Oh yes! This way everyone will know about the exploit and it will be worse

It's paper what do you expect

what was this new exploit ?

no i will not update my paper client, i like having a destroyed server

just paper

probably

yes

client or whatever idc

They should’ve just locked down paper general for a few hours

nah that just makes me mad

they dont want ppl discussing it

exploit discord?

no

We all love zero day exploits

maybe because it’s bad for servers?

I think it was a op exploit

Have you tried to use your brain

what the exploit so i can go shut down competition servers 😄

what was the exploit

there should be a channel for important announcments like this one

its bad if it makes me mad

As i got random people getting op

It wont

#announcements message

pinging everyone and expecting people not to want to discuss is naive

isnt that #announcements they dont post in there much

fair enough if its not public, I assumed it was public tho

what was the exploit

The CVE isn't even public yet lol

what was the exploit?

Oh yes! This way everyone will know about the exploit and it will be worse

yeah probably

update to 1.17.1 via backwards

im just gannna reply to that to everyone that asks

the exploit seems to be very specific though

#announcements mfw 1.16.5 backport

please backport to Beta 1.7.3 i need

Yeah but the channel is just gonna get filled with not so smart people asking what the exploit is

Sounds like just a crash exploit

i fully understand

Whats the exploit

why

Oh yes! This way everyone will know about the exploit and it will be worse

It won't be disclosed

They are probaly going to release a 1.16.5 update in hours.

paper when???

Im a curious monke

now

just shut it down for now

fix was already released

Fix is not released for 1.16.5 though

what was the exploit

Details of an exploit will not be discussed publicly

Update your stuff

makessense

are older versions affected as well? is vanilla or spigot affected?

By happy it was disclosed in the first place.

thats why i developed autoplug lol

not being discussed

I also wanna know

drop it

yes or no

oh ok you can use via version so people of higher versions can join

The severity

Just update your server and go on about your day

No. You're not getting an answer. Fuck off thanks.

if they make an announcement its severe

Just look at the commits on github :^)

just read the commit lol https://github.com/PaperMC/Paper/commit/b475c6a683fa34156b964f751985f36a784ca0e0

if you want to know so much what the exploit does then we assume you have knowledge in Java to understand

Improper validation of certificate with host mismatch in Log4j2 SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.

where on the CVSS scale does this exploit place

otherwise just shut the fuck up y'all

that's all I want to know

maybe try again with newer 1.17.1 paper releases

CVSS Base Score: 3.7 (Low) CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

read the commit https://github.com/PaperMC/Paper/commit/b475c6a683fa34156b964f751985f36a784ca0e0

you need to know? lmao

adam that's not the exploit lol

there is no cve afaik

Thanks muchly for the #announcements notification paper people 🙂

hm

There probably wont be a CVE for a few days

I'll keep an eye out for it then, sounds really interesting

If y'all can't read them saying they won't give info, are y'all going to read the info they do give?

oh ok

Oh my wow

report that to paper

literacy is too much to ask for

does the exploit affect 1.8.8 though

What is the exploit?

1.8 lads you guys should update 🙄

What was found?

Meh someone will find out anyways and post it on YouTube for me to watch for fun bc i’m curious what it is since everyone got pinged

old combat

it would be good to know which versions exactly are affected

https://tenor.com/view/minions-blah-blah-blah-roll-eyes-eyeroll-whatever-gif-16216173

and just use a 1.8 pvp plugin with via backwards

a lot of people are running older version servers

Pretty sure they stopped development on it

guess only the mentioned ones

https://tenor.com/view/pc-hack-hacker-guy-fawkes-mask-gif-17047235

???

Why would they fix it on 1.8 if its there?

whats the point of backporting to 1.16.5 considering people still on 1.16.5 probably wont update anyway

that is exactly the opposite of what i said

It literally says. in the announcements lol

Fair

nice

What is the exploit that is found?

1.16-1.18 are the only fixed one.. maybe they're the only affected one i think

does the recent exploit affect spigot too or is it exclusive to some paper patch

What that exploit does?

Can we finally get rid of 1.8 servers

what makes you think that

Announcement.

Would be nice xD

as far as i know, 1.8 does use log4j

and thats what is affected

does this affect the client aswell?

the announcement only says for which versions they have a fix^^

hell yea

I am in commtech class

The only reason that's semi justifyable for 1.8 is the better 300+ playercount performance compared to post 1.12.

@fair cloak #announcements message

It probably affects every version since like 1.3 when they started using log4j2

Yes?. So all versions before that dont lmao?!?!?

hypixel players are the reason

dafuq

#announcements

^^

they are so close minded

Actually I think we always used log4j2 in CraftBukkit

This seems like it, not sure though

So every version

Kinda shady dev practice not releasing a CVE if it's as severe as you're making it out to be

howoldisminecraft189.today 6 year birthday

we fucked

yeah, sharing the exploit here

LOL

lets go!

Let's not share links please

I read the commits, this should be a non issue if you're using properly vetted plugins and java 17

Woah what was that link

some of y'all are braindead

It's titled backport log4j

This might have something to do with porting a newer version of log4j, a Java logging service, to older versions.

No sharing of exploits

I hate children on the internet

How is that hard to understand

Agreed

Hi aurora i hope you're doing well

its just you

All y'all really need to worry about is updating to the latest build and then going on with your lives again

how tf should log4j, a java library only used for logging stuff, be used as an exploit

Also jok i dont rly think they'll update 1.8

will this affect bungee?

no

Easily?

read the anouncement lol

once again, you didnt understand what i said at all.

you can always update to 1.17.1 to get the fix

Does spigot also have the exploit?

Yeah that's weird

Im just curious and Im not sure if I can ask but what the exploit can cause? Some file fuckery?

vanilla minecraft has the exploit

or 1.18

Then what then

oh god oh no

made by oracle!

a Java library that happens to use native (non-Java) code could run into a buffer overflow and that overflow be exploited

now, i am not saying this is the case, it's just one of the general cases of "exploits" any software can suffer.

They're not saying anything, which is kinda obnoxious

its not there

Its fair enough, people can abuse if they now more info

oh no

Cause i cant see your message jok anymore. deleted?

does the exploit affect 1.8.8 though

1.8 lads you guys should update 🙄
fairly sure i didnt mention porting the patch ever

Oh thanks

has it been reported to mojang?

Watterfall is a fork of bungeecord

yes

What's the exploit about ?

It's extremely bad practice not to disclose at least what the vulnerability does

The reason exploits aren't instantly publicly explained is due to bad actors being able to use that information to start attacking. Waiting a few days/weeks allows for people to update.

It's common sense

op perms they say

no

guess what the next release candidate for 1.18.1 is going to be about

No, it's bad practice

oh ok

patched

It's a zero day, it's already in the wild

or you can update to 1.17.1

those colours are hurtful to my eyes

that's horrible

what happend

big exploit?

Man that version is 10 versions ago, almost 10 years

paper doesn't like old versions

have the servers even changed ever since 1.7.5? i know 1.6.4 and lower basically don't have skins anymore but 1.7.5+ probably still works?

what does it do

Drop it already lol

True. Just thought you might have assumed that they'd update 1.8 if it was there. My bad.. guess we'll have to wait for the cve

I know how it works too lmfao, doesn't change that they don't want more people to exploit it

SUPRISE - people that want to exploit it, are already exploiting it because they'll know people that know what they exploit does

1.17 and 1.18 are the most important versions of paper lolz

Is the exploit for 1.8?

RCE?

This is a circus

lmaoo

Better that few people do it then just everyone

There was a web with stats but def 1.8 was like 1%

whats the exploit

with log4j

!ban @safe mason Troll/annoying

Gullible

No

:raised_hands: Banned neon#0111 (Troll/annoying) [1 total infraction] -- aurora#4484.