Quoting Robert Watson <[EMAIL PROTECTED]> (from Sun, 25 Jun 2006
00:32:54 +0100 (BST)):
This isn't just not a huge security flaw, it's not a security flaw at
all. It is a reliability bug due to a mis-implemented API that results
in a clean failure in the presence of a well-characterized case. It
doesn't appear to be exploitable to gain privilege, deny service
rmeotely, etc. If this is a critical stability fix, it should be
treated as an errata patch candidate. In the future, please don't use
the "Security" tag for this type of change. However, do feel free to
e-mail re@ to talk about whether this is an errata patch candidate,
keeping secteam@ in the loop, as they currently own the 6.1 branch.
I didn't know what to use instead to mark up an important fix to the
people which own the branch. Do you think it is worth to add ... maybe
"Errata candidate:" to the commit template to draw attention to
something very early?
Bye,
Alexander.
--
MMM-MM!! So THIS is BIO-NEBULATION!
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
