Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 27 Sep 2014 15:26:01 +0200 (CEST)
From: Roman Drahtmueller <draht@...altsekun.de>
To: oss-security@...ts.openwall.com
Subject: Re: Fwd: Non-upstream patches for bash

> 
> FWIW, I'm pretty sure I bumped into another bad-looking and probably
> exploitable parser issue; for now, I sent the details privately to
> Chet, Florian, and Alexander. But the bottom line is, the parser
> really shouldn't be exposed to the outside world.
> 

By way of exposing the parser to potentionally harmful content: Is the 
importing of functions the only occasion, or are there more than this?

Thanks,
Roman.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ