Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 20 Jul 2015 15:23:23 +0200
From: "Jason A. Donenfeld" <>
To: oss-security <>
Cc: Seth Arnold <>,
Subject: Re: siege: off-by-one in load_conf()

Hi folks,

Chiming in on behalf of Gentoo Security Team. Bug report here, see
comment 5:

In sum, I also fail to see how this is a security issue. Does anybody
make siege SUID, or give it untrusted input, or anything like that?
@ago - what's the attack vector you have in mind with this bug? Feel
free to find me in #gentoo-security if you want to work out
conversationally what you have in mind with this finding.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ