Date: Thu, 30 Jan 2014 17:20:33 -0800 From: Kees Cook <kees@...ntu.com> To: oss-security@...ts.openwall.com Subject: Re: Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038) On Fri, Jan 31, 2014 at 04:11:16AM +0400, Solar Designer wrote: > This issue was brought to linux-distros and firstname.lastname@example.org 2 days ago via > the message quoted below, and it was just made public at 22:00 UTC today > (two hours ago) via grsecurity and PaX (who were the ones to find the > issue). Normally, the person who brought this to linux-distros would be > the one responsible to bring the issue to oss-security as soon as the > issue is public, but Kees does not appear to be around at the moment and > the issue is critical enough that I find it inappropriate to delay this > posting by a few hours more, hence I am doing Kees' job by posting this > in here. Thanks for covering for me, Alexander! I am travelling, so high precision timing on email hasn't been great today. :) -Kees -- Kees Cook
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ