Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 28 Jul 2011 15:44:07 +0530
From: Huzaifa Sidhpurwala <>
Subject: Re: Re: two systemtap flaws: CVE-2011-2502 and CVE-2011-2503

On 07/28/2011 03:34 PM, Tavis Ormandy wrote:

> Interesting, I also looked at systemtap and found a local root
> (CVE-2010-4170), but was under the impression we had agreed it should be
> restricted to a privileged group?
> I stopped looking because I concluded that had eliminated any security risk,
> is that no longer the case?
I believe this does reduce the risk, but does not totally eliminate it.

Huzaifa Sidhpurwala / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.