You should release the patch considering how long we'll have to wait for them to release 1.4.8. They are notoriously slow.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Kate Sent: Sunday, March 06, 2011 3:38 AM To: 'Half-Life dedicated Linux server mailing list' Subject: Re: [hlds_linux] SourceBans hack in the open... Peter: I'm actually going to wait until they contact me. I read about the XSS vuln and their apparent lack of resolution for the issue. (http://www.1337day.com/exploits/15369) Vathral: I figured out how exploited our instance by looking through the source and mucking about. I'm actually surprised that it wasn't found long ago. :( I even wrote a quick step-by-step to both duplicate the issue(log in as an admin) and a patch to the source. The patch however would show the exploit fairly easily so I'm concerned about releasing that detail. _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
