Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 12 Jan 2017 13:27:09 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: invalid free in GNU ed before 1.14.1

On Thu, 12 Jan 2017 13:10:41 +0100
Florian Weimer <fweimer@...hat.com> wrote:

> There is red/ed -r.  I wouldn't rely on it for security isolation,
> but the functionality does exist.

Oh, that's interesting.

I can confirm that it crashes also in restricted / red (-r) mode.
Therefore it should probably be considered a vulnerability.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ