[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 2.99.50s17 available as tarball. SECURITY WARNING
On Tue, 11 May 1999, Matti Aarnio wrote:
> Very good question. How much could I tell without endangering
> everybody's servers ? To my knowledge I am only one who knows
> its precise nature, and I would prefer it to stay that way.
> I would prefer this *not* to appear at bugtraq in form of an exploit...
The workaround is easy, and you've posted it to the list, so I wouldn't
worry about that. I'd just like to be able to test my servers for
> If there is demand, I can back-port the fix to older versions too.
That'd be appreciated, but if you do that you might as well just disclose
the bug (in fact since anyone can diff between -s17 and previous releases,
it probably wouldn't be too hard to figure it out as it is).