Re: [Linux] klogd 1.3-22 buffer overflow

tomainoHOME.COM

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Phillip Vandry: "Re: KDE 1.0's klock can be used to gain root priveledges"
• Previous message: securityPENGUIN.NET.AU: "Re: [Linux] klogd 1.3-22 buffer overflow"
• Maybe in reply to: Michal Zalewski: "[Linux] klogd 1.3-22 buffer overflow"

First of all, I know this is a moderated group..  and this message is
all my oppinion and nothing really important.


Martin Schulze wrote:
>     When reporting security related bugs you should *always* try to
>     use the current version of a package instead of an ancient old
>     one.

Not every system uses the latest version of every piece of software. The
upkeep required to do that on most systems would be ridiculous. The need
for this list is to report bugs in software the readers might be using,
which is not always the latest version.

I don't think it is a reflection of poor skills if your software has a
bug reported on this list. No system is 100% bug free, the more you look
for bugs, the more you will find generally.



Mike.

• Next message: Phillip Vandry: "Re: KDE 1.0's klock can be used to gain root priveledges"
• Previous message: securityPENGUIN.NET.AU: "Re: [Linux] klogd 1.3-22 buffer overflow"
• Maybe in reply to: Michal Zalewski: "[Linux] klogd 1.3-22 buffer overflow"