Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 09 Dec 2014 15:33:03 -0800
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: oss-security@...ts.openwall.com
CC: Ilja Van Sprundel <ivansprundel@...ctive.com>
Subject: Re: Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol
 handling issues in X servers

[This dances back and forth all over the line between on-topic and off-topic
  for this list, apologies if it falls on the wrong side.]

On 12/ 9/14 08:04 AM, Alan Coopersmith wrote:
> Other providers of Xserver or GLX implementations based on the same
> code base (the X Consortium or X.Org Foundation X sources, or the
> SGI GLX sources) will announce the availability of any fixes necessary
> for their implementations.

One such provider who uses the permissively licensed (MIT) GLX code in
their closed source software which is redistributed in and for a number
of open source OS'es is NVIDIA, who has released their own advisory now:

https://nvidia.custhelp.com/app/answers/detail/a_id/3610

-- 
	-Alan Coopersmith-              alan.coopersmith@...cle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.