Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-06 Thread Adrian Bunk
On Sun, Nov 01, 2020 at 04:58:41PM +0100, Daniel Leidert wrote: > On Sunday, 01.11.2020, 14:14 +0100, Ole Streicher wrote: > > > I just stumbled upon the following web page: > > > > https://cyber-itl.org/2020/10/28/citl-7000-defects.html > > The list misses the package version. IMHO this

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-05 Thread Craig Small
I got my reports for two of my packages (I'm upstream for both too). The first problem is I couldn't find what version of the program they found the bug in. I also looked closely at one specific example and it didn't crash at all. Unless there was

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Calum McConnell
On Sun, 2020-11-01 at 14:56 -0800, Russ Allbery wrote: > Utkarsh Gupta writes: > > > That said, it'd be a bit weird if they don't report these issues and ask > > for a CVE assignment against these. Anyway, the security team might > > know more about this. > > It appears to be the output of

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Russ Allbery
Utkarsh Gupta writes: > That said, it'd be a bit weird if they don't report these issues and ask > for a CVE assignment against these. Anyway, the security team might > know more about this. It appears to be the output of automated fuzz testing, which based on past experience means that a

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Xavier
On 01/11/2020 at 21:34, Colin Watson wrote: > On Sun, Nov 01, 2020 at 03:13:24PM +0100, Xavier wrote: >> Ubuntu is based on testing and does not import our fixes after its >> release (except a few list), then it's normal to find a lot of >> vulnerabilities. > > It's not really relevant to this

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Colin Watson
On Sun, Nov 01, 2020 at 03:13:24PM +0100, Xavier wrote: > Ubuntu is based on testing and does not import our fixes after its > release (except a few list), then it's normal to find a lot of > vulnerabilities. It's not really relevant to this CITL list; but just on a point of information, Ubuntu

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Daniel Leidert
On Sunday, 01.11.2020, 14:14 +0100, Ole Streicher wrote: > I just stumbled upon the following web page: > > https://cyber-itl.org/2020/10/28/citl-7000-defects.html The list misses the package version. IMHO this is rather vital information. They also used Ubuntu 18.04 which is more than

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Matthias Klumpp
On Sun., 1 Nov. 2020 at 15:22, Xavier wrote: > > Hi, > > Ubuntu is based on testing and does not import our fixes after its release > (except a few list), then it's normal to find a lot of vulnerabilities. See > https://lemonldap-ng.org/documentation for example > > > On 1 November 2020

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Xavier
Hi, Ubuntu is based on testing and does not import our fixes after its release (except a few list), then it's normal to find a lot of vulnerabilities. See https://lemonldap-ng.org/documentation for example On 1 November 2020 14:59:32 GMT+01:00, Utkarsh Gupta wrote: >[CCing

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Utkarsh Gupta
[CCing team@security.d.o] On Sun, Nov 1, 2020 at 7:09 PM Ole Streicher wrote: > I just stumbled upon the following web page: > https://cyber-itl.org/2020/10/28/citl-7000-defects.html > They claim to have found ~7000 defects in Ubuntu packages (a number of > those are maintained by me). On a

Re: CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Alexis Murzeau
Hi, On 01/11/2020 at 14:14, Ole Streicher wrote: > Hi all, > > I just stumbled upon the following web page: > > https://cyber-itl.org/2020/10/28/citl-7000-defects.html > > They claim to have found ~7000 defects in Ubuntu packages (a number of > those are maintained by me). > > Does anyone

CITL Releasing 7000 defects/vulnerabilities

2020-11-01 Thread Ole Streicher
Hi all, I just stumbled upon the following web page: https://cyber-itl.org/2020/10/28/citl-7000-defects.html They claim to have found ~7000 defects in Ubuntu packages (a number of those are maintained by me). Does anyone have more information about this? Or did I miss a discussion here about