Date: Wed, 11 Jul 2012 11:05:03 +0200 From: Sebastian Krahmer <krahmer@...e.de> To: oss-security@...ts.openwall.com Cc: simon.mcvittie@...labora.co.uk Subject: Re: libdbus hardening Hi, Ok. We are not in a hurry. I added the new patch to https://bugzilla.novell.com/show_bug.cgi?id=697105 using __secure_getenv(). You seem to be in the AUTHORS list, so is this Cc enough to notify upstream? :) Sebastian On Tue, Jul 10, 2012 at 06:37:40PM +0100, Simon McVittie wrote: > On 10/07/12 14:09, Sebastian Krahmer wrote: > > We are going to add a libdbus hardening patch: > > I haven't seen any mention of this upstream, despite the Novell bug > apparently being two months old. Please send it upstream for discussion > and review. > > smcv (currently on holiday, so won't be reviewing it right now) -- ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.de - SuSE Security Team --- SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.