Re: Will the Open Group consider incorporating software security features in its software technical standards given the fact that these days lots of software are getting hacked?

Amit via austin-group-l at The Open Group Sun, 01 Feb 2026 02:56:37 -0800

On Sun, 1 Feb 2026 at 16:17, Guy Harris <[email protected]> wrote:
>
> On Jan 31, 2026, at 4:24 AM, Amit <[email protected]> wrote:


> > https://nvd.nist.gov/vuln/detail/CVE-2026-1251: Missing validation on
> > a user controlled key.
>
> That's an input validation issue, but it does not appear to be a "make sure 
> the string isn't too long" issue.
>

There are two issues: length/size of the input and sanitization of the input.

For now, I am focussed on the length/size of the input. At least with
this, we will
be able to reduce some insecurity. Something is better than nothing.

But, since the Open group is not open for a new security oriented
POSIX standard,
so then there is no point in me continuing this discussion.

So, I am stopping this discussion here.

Amit

Re: Will the Open Group consider incorporating software security features in its software technical standards given the fact that these days lots of software are getting hacked?

Reply via email to