Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 8 Aug 2013 13:28:59 -0400 (EDT)
From: Jan Lieskovsky <jlieskov@...hat.com>
To: Seth Arnold <seth.arnold@...onical.com>
Cc: Dan Williams <dcbw@...hat.com>, oss-security@...ts.openwall.com,
        "Steven M. Christey" <coley@...us.mitre.org>,
        Florian Weimer <fweimer@...hat.com>
Subject: Re: Re: CVE Request -- Four flaws in WiMAX (afaik
 upstream is dead for this)

> 
> On Thu, Aug 08, 2013 at 12:10:21PM -0500, Dan Williams wrote:
> > There don't have to be public bugs yet, but if nobody writes patches in
> > a reasonable amount of time perhaps they should just be made public.
> 
> They are public already:
> http://www.openwall.com/lists/oss-security/2013/08/08/10

Yes, made them public. As can be seen in timestamp for Red Hat bugs,
original notes have been added by Florian pretty long time ago (but
still within this year, so 2013 ones should be applied).

> 
> This is probably for the best, sounds like anyone reliant upon this code
> would be wise to re-write much of it anyway...

Since these did not seem to follow some progress, made them public
(so people would at least know about the issues and could deprecate / obsolete
the package or look for other ways of solution).

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

> 
> Thanks
> 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.