Re: [Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-28 Thread Nico Golde
Hi, * Thierry Zoller [2009-05-28 23:38]: [...] > General comment: I am interested to see the kind of feedback I > get when posting a Firefox bug as opposed to bugs of other vendors. > It's almost like you hit a little boy and everybody steps in for > his defence. > > Anyways, too muc

Re: [Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-28 Thread Tavis Ormandy
Thierry Zoller wrote: > > A memory leak in an interactive program that requires you to view a > > hostile page for 9 hours is clearly of negligible security impact. > Ok I will take the strawman: Your random application of meaning to terminology is at least entertaining. > Only a few bytes of "k

Re: [Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-28 Thread Thierry Zoller
Hi Travis, With all due respect: >A memory leak in an interactive program that requires you to view a hostile >page for 9 hours is clearly of negligible security impact. Ok I will take the strawman: The impact is Denial of Service. Ignoring that this discussion is of *any* interest to anybod

Re: [Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-28 Thread Tavis Ormandy
Thierry Zoller wrote: > Hi Tavis, > > The bug title says Denial of service, not information leak, or crypto > leak or whatever. I'm confused what it is you're replying to, I was clearly pointing out your misunderstanding of the term "memory leak" in the "impact" section of your post led you t

Re: [Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-28 Thread Tavis Ormandy
Thierry Zoller wrote: > According to a Bugzilla entry memory is also leaked during the process. > > So let's recap, we have a function that generates key material and looping > causes memory to leak. One might think this should be important enough to > investigate, especially if you know that for

Re: [Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-27 Thread Pete Licoln
Looks like some doctors have made some in vitro fertilization fuzzing with Jeremy a while ago ... 2009/5/27 Jeremy Brown <0xjbrow...@gmail.com> > Looks like somebody's been using a browser fuzzer :) > > On Wed, May 27, 2009 at 9:14 PM, Thierry Zoller wrote: > > __

Re: [Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-27 Thread Jeremy Brown
Looks like somebody's been using a browser fuzzer :) On Wed, May 27, 2009 at 9:14 PM, Thierry Zoller wrote: > > > From the very-low-hanging-fruit-department > Firefox Denial of Service (KEYGEN)

[Full-disclosure] [TZO-27-2009] Firefox Denial of Service (Keygen)

2009-05-27 Thread Thierry Zoller
From the very-low-hanging-fruit-department Firefox Denial of Service (KEYGEN) Release mode: Forced release. Ref