[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [SECUNIA] Question regarding reported vulnerability in log_msg() in
From: |
Chad Walstrom |
Subject: |
Re: [SECUNIA] Question regarding reported vulnerability in log_msg() in misc.c |
Date: |
Wed, 10 Nov 2004 10:16:26 -0600 |
User-agent: |
Mutt/1.5.6+20040722i |
Carsten H. Eiram wrote:
> http://marc.theaimsgroup.com/?l=bugtraq&m=108820000823191&w=2
> ...
> http://www.debian.org/security/2004/dsa-590
> ...
> However, to ensure that the information in our advisory is as correct
> as possible, we would appreciate your thoughts on how this issue can
> be exploited, by whom, and when you are planning to release a patch.
I will be releasing a patch and updating our website later today (I have
a day off from work), and making an announcement on info-gnats.
I should have done this long ago. We have Hans-Albert Schneider
<Hans-Albert@HA-Schneider.de> to thank for committing the fix in CVS on
2004-09-06.
--
Chad Walstrom <chewie@wookimus.net> http://www.wookimus.net/
assert(expired(knowledge)); /* core dump */
signature.asc
Description: Digital signature