From 7423925875a13b18b1fe697eee5a6c4a40715b51 Mon Sep 17 00:00:00 2001
From: Yuval Kogman <nothingmuch@woobling.org>
Date: Thu, 18 Jun 2026 15:23:03 +0200
Subject: [PATCH] Add disclaimer to redis vuln post

---
 blog/2025-04-08-payjo-in-redis-misconfiguration.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/blog/2025-04-08-payjo-in-redis-misconfiguration.md b/blog/2025-04-08-payjo-in-redis-misconfiguration.md
index a6fa503..4993f81 100644
--- a/blog/2025-04-08-payjo-in-redis-misconfiguration.md
+++ b/blog/2025-04-08-payjo-in-redis-misconfiguration.md
@@ -7,6 +7,11 @@ authors: nothingmuch
 tags: [security]
 ---
 
+Disclaimer: the author indicated redis and docker compose were a liability
+before, helped with the incident response, mitigation and removal of these
+liabilities afterwards, has never had any access to the payjo.in infrastructure
+and is not responsible for the misconfiguration or misdiagnosis of this
+specific vulnerability.
 
 Due to a docker misconfiguration, the `payjo.in` directory server had an open
 redis database, allowing unauthorized parties to observe exchanges between pairs