Date: Wed, 3 Sep 2014 21:44:12 -0700 From: Tavis Ormandy <taviso@...xchg8b.com> To: oss-security@...ts.openwall.com Subject: Re: heap overflow in procmail Rich Felker <dalias@...c.org> wrote: > > Unless I'm misunderstanding your report, the problem is in the formail > utility which comes with procmail, not procmail itself. This should be > clarified in the title of the vuln, perhaps as "heap overflow in > procmail's formail utility" rather than "heap overflow in procmail". > > Rich I'm not sure what "title" you mean, are you referring to my email subject? If you are, I think "<problem> in <package>" is pretty reasonable, but perhaps this is subjective (hah!). Tavis.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ