set weed=off in .muttrc for the issue to present.
Cheers,
--
Murray McAllister / Red Hat Product Security
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/STDOUT/STDERR corruption
due to shared file descriptors.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770222
https://trac.xiph.org/ticket/2089
Cheers,
--
Murray McAllister / Red Hat Product Security
https://bugzilla.redhat.com/show_bug.cgi?id=1165880
--
To UNSUBSCRIBE
=767227
Could a CVE please be assigned?
Thanks,
--
Murray McAllister / Red Hat Product Security
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282
Could a CVE please be assigned?
Thanks,
--
Murray McAllister / Red Hat Product Security
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On 06/20/2014 04:02 PM, Salvatore Bonaccorso wrote:
Hello Murray,
(keeping the Cc on the bureport to answer this also there):
On Fri, Jun 20, 2014 at 03:46:30PM +1000, Murray McAllister wrote:
[...]
The Debian bug also notes a similar issue was fixed in ldns - I've
asked for more details
Hi Ondřej,
As noted in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752092,
you fixed a similar issue in ldns. Are you able to share in details
about what the issue in ldns is?
Thanks,
--
Murray McAllister / Red Hat Product Security
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ
://manpages.ubuntu.com/manpages/precise/man1/softhsm-keyconv.1.html
Cheers,
--
Murray McAllister / Red Hat Product Security
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
was affected, which uses ctags
5.8-10.
Cheers,
--
Murray McAllister / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
MACs
Editing Configuration File Disables MACs
There are currently no patches.
I am not familiar enough with cryptography to know if they need CVEs, or
are considered hardening (the last one sounds CVE worthy though)
Cheers,
--
Murray McAllister / Red Hat Security Response Team
https
cross-origin xmlhttprequests with the content type set to
application/json but you can set it to text/plain;application/json
instead and bottle will accept it.
Can a CVE please be assigned if one has not been already?
Thanks,
--
Murray McAllister / Red Hat Security Response Team
https
Hello,
Jakub Wilk discovered that clang's scan-build utility insecurely handled
temporary files. Full details in his report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817
Can a CVE please be assigned?
Cheers,
--
Murray McAllister / Red Hat Security Response Team
https
be escaping ';' too if not already?)
Thanks,
--
Murray McAllister / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Hi all,
The patch in https://bugzilla.redhat.com/show_bug.cgi?id=881411 possibly
fixes it. I am not familiar with the issue or tested extensively, but
with non-fixed version the page loaded fine, with the version in Fedora
(which that bugzilla is for) I get an SSL error.
--
Murray
the
perltidy.TMP on Windows or Mac OS X etc would.
Thanks,
--
Murray McAllister / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
a CVE please be assigned if one has not been already?
Thanks,
--
Murray McAllister / Red Hat Security Response Team
https://bugzilla.redhat.com/show_bug.cgi?id=1069066
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
=60dabde18d7fe12b19da8b509bdfee9cc886aafc
Cheers,
--
Murray McAllister / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
=60dabde18d7fe12b19da8b509bdfee9cc886aafc
Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=1056699
Thanks,
--
Murray McAllister / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
On 02/06/2014 02:59 PM, Murray McAllister wrote:
Hello,
Jakub Wilk reported insecure temporary file use in f2py. From
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737778:
numpy/f2py/__init__.py contains this code:
from numpy.distutils.exec_command import exec_command
import
,
--
Murray McAllister / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
a little time looking but could not determine if a release was
made to fix only part of the problem. So one ID is fine by us.
bug #27155 just contains some gdb output. Therefore I assumed it was
public and didn't check before sending it here.
Thanks for looking at this.
--
Murray McAllister
On 02/03/2014 05:12 PM, Murray McAllister wrote:
Hello,
Jakub Wilk found that a2ps, a tool to convert text and other types of
files to PostScript, insecurely used a temporary file in spy_user(). A
local attacker could use this flaw to perform a symbolic link attack to
modify an arbitrary file
://bugzilla.redhat.com/show_bug.cgi?id=1060630
Thanks,
--
Murray McAllister / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
22 matches
Mail list logo