Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 17 Apr 2015 14:50:32 -0700
From: Tavis Ormandy <taviso@...gle.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: Problems in automatic crash analysis frameworks

On Fri, Apr 17, 2015 at 1:54 PM, Grandma Eubanks <tborland1@...il.com>
wrote:
> Just to enter into the fray, I reported a simple dmesg_restrict bypass and
> found a lot of these recent more recent 'information' disclosures a while
> ago with minimal changes:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1128400
>

Ugh, definitely needs to be fixed.

I've been waiting for some commits before I look any further, as I don't
know if each issue is going to be addressed individually or if some
rearchitecturing will resolve everything.

Tavis.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ