On 2005-04-01 02:39:57 -0500 Francesco P. Lovergine
[EMAIL PROTECTED] wrote:
Nice news. I'll keep an eye to the proposed patches before committing.
The symlink exploit should be obviously manageable.
Upstream says that he also thinks my patches fix the bug.
severity 301430 serious
tags 301430 + patch
tags 301430 + upstream
tags 301430 + security
thanks
On Thu, Mar 31, 2005 at 08:46:41PM -0500, Hubert Chan wrote:
I believe this bug is fixed by two patches that can be found at:
http://uw-dig.uwaterloo.ca/~hy3chan/patches/openmosixview/1.5/
I believe this bug is fixed by two patches that can be found at:
http://uw-dig.uwaterloo.ca/~hy3chan/patches/openmosixview/1.5/
(patches 20-logdirectory.diff and 50-nonodestmp.diff). I think
that they should apply cleanly without the other patches -- probably
at worst with some fuzz. I'm
Package: openmosixview
Severity: important
Tags: security
According to an advisory by Rexotec several race conditions exist
in OpenMosixView that permit a malicious user to trash the filesystem
of a cluster node. For full details and a demo exploit please see
4 matches
Mail list logo
