Delete retr0reg.gguf
Why?
dude stop with the maslicious code, bro. Nobody wants it, actually. Maybe you might be doing this because you are an ML security researcher but, you should be researching, not spreading it.
Stop making any PR under this repository, please:
- This vulnerability is patched almost 2 years ago, we worked abetlen author of llama-cpp-python on addressing this issue, a patch was merged after a day of discovering this issue.
- This code is either malicious to intended to be, if you actually try understanding what it's doing. Huggingface's format security scanner (I worked with ProtectAI) actually references file like this while building it to prevent more attackers exploiting such vulnerability.
- The security advisory of this CVE-2024-34359 and many other write-ups contains the reproduction of this vulnerability.
Thank you purposing this I understand you're doing this with a good intention, but clearly you might want to 1. change the way you're communicating 2. do more background research. Thanks.
Listen, I am so sorry for the misunderstanding. I saw the code and reacted out of concern without researching the context of this repository first. It was unprofessional of me to say you should be 'researching, not spreading it'—I clearly didn't have the full picture, and I regret the tone. I appreciate you explaining the file's role in the Llama-cpp-python patch and its use for ProtectAI and Hugging Face's security scanners.
I'll be much more thorough and objective in my research before opening PRs in the future. Thanks for the correction.
It’s cool - like I said I understand you came from a good cause.