2009/11/5 Tobias Ulmer <tobi...@tmux.org>: > Dear sweetheart, > > On Thu, Nov 05, 2009 at 01:12:58AM +0100, Claire beuserie wrote: >> Yes, I know, I was present in the room when Illja gave the talk in 2006 at >> the CCC Kongress and the two OpenBSD developers in the room decided to >> completely ignore the exploit he showed until Miod reproduced it two weeks >> later... > > > http://events.ccc.de/congress/2006/Fahrplan/day_4.en.html: > Schedule Day 4: 30.12.2006 > 11:30 > Unusual bugs Ilja > > http://openbsd.org/errata39.html: > 017: SECURITY FIX: January 3, 2007 i386 only > Insufficient validation in vga(4) may allow an attacker to gain root > privileges if the kernel is compiled with option PCIAGP and the actual > device is not an AGP device. The PCIAGP option is present by default on > i386 kernels only. > > http://blogs.23.nu/ilja/2007/01/: > "So one of the things I noticed after my unusual bugs talk, the OpenBSD > guys fix bugs _FAST_. I mean really fast ! bugfix and announcement > within a few days. Not many vendors can pull that off." > > Two weeks, eh? Want it in a black frame with a white caption > reading "EPIC FAIL"? I'd start gimp for that.
Way ahead of you here: http://imgur.com/f5UZ9.jpg
