Re: [SECUNIA] Question regarding reported vulnerability in log

bug-gnats

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SECUNIA] Question regarding reported vulnerability in log_msg() in

From:	Chad Walstrom
Subject:	Re: [SECUNIA] Question regarding reported vulnerability in log_msg() in misc.c
Date:	Wed, 10 Nov 2004 10:16:26 -0600
User-agent:	Mutt/1.5.6+20040722i

Carsten H. Eiram wrote:
> http://marc.theaimsgroup.com/?l=bugtraq&m=108820000823191&w=2
> ...
> http://www.debian.org/security/2004/dsa-590
> ...
> However, to ensure that the information in our advisory is as correct
> as possible, we would appreciate your thoughts on how this issue can
> be exploited, by whom, and when you are planning to release a patch.

I will be releasing a patch and updating our website later today (I have
a day off from work), and making an announcement on info-gnats.

I should have done this long ago.  We have Hans-Albert Schneider
<Hans-Albert@HA-Schneider.de> to thank for committing the fix in CVS on
2004-09-06.

-- 
Chad Walstrom <chewie@wookimus.net>           http://www.wookimus.net/
           assert(expired(knowledge)); /* core dump */

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[SECUNIA] Question regarding reported vulnerability in log_msg() in misc.c, Carsten H. Eiram, 2004/11/10
- Re: [SECUNIA] Question regarding reported vulnerability in log_msg() in misc.c, Chad Walstrom <=
  - Preparing 4.0.1: Patch release of 4.0, Chad Walstrom, 2004/11/10

Prev by Date: [SECUNIA] Question regarding reported vulnerability in log_msg() in misc.c
Next by Date: Preparing 4.0.1: Patch release of 4.0
Previous by thread: [SECUNIA] Question regarding reported vulnerability in log_msg() in misc.c
Next by thread: Preparing 4.0.1: Patch release of 4.0
Index(es):
- Date
- Thread