Alasdair Lumsden <[email protected]> wrote: > On 01/24/11 05:12 PM, Joerg Schilling wrote: > > > If you believe thare are security issues that need to be addressed, please > > make > > a bug report into the Schillix-ON Bug Tracking system: > > Hi Joerg, > > As we're currently using Illumos as our upstream ON, it makes sense for > us to file and track the bugs on the Illumos bug tracker. > > But we'll share info and cooperate where we can.
Thank you! > From what I've seen, they don't appear to have disclosed enough > information to locate and fix said security issues. As an example: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2632 > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2632 > > Completely unhelpful :-( This really looks bad. We need to find a way to get the related information that allows a fix. Does someone know what we might need to do in order to be able to get to sufficient information? Jörg -- EMail:[email protected] (home) Jörg Schilling D-13353 Berlin [email protected] (uni) [email protected] (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily _______________________________________________ oi-dev mailing list [email protected] http://openindiana.org/mailman/listinfo/oi-dev
