Hi all,
Reading the bug about CVE-2011-2716, I think the only question left is this:
So, in all cases the variable is enclosed in double quotes.
Yes this look secure. What about the udeb script?
/debian/tree/busybox-udeb/usr/share/udhcpc/default.script:
do_resolv_conf() {
local
On 03.06.2012 13:43, Thijs Kinkhorst wrote:
Hi all,
Reading the bug about CVE-2011-2716, I think the only question left is this:
So, in all cases the variable is enclosed in double quotes.
Yes this look secure. What about the udeb script?
On Sun, June 3, 2012 12:29, Michael Tokarev wrote:
The version of busybox currently in experimental verifies
all the strings returned by dhcpd and if any bad char is
found, it replaces the whole thing with literal string
bad when exporting the variable to the script. So
there should be no
On 03.06.2012 15:29, Thijs Kinkhorst wrote:
[]
Good! Will you ensure that 1.20 ends up in wheezy?
Yes I very much like to have at least this version
in wheezy.
Thanks,
/mjt
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
I'm Cc'ing the relevant bug# so others may see this information.
Hopefully you wont object -- the bug is public for a long time.
On 05.10.2011 16:04, Nico Golde wrote:
Hi,
* Nico Golde n...@ngolde.de [2011-10-05 11:21]:
* Michael Tokarev m...@tls.msk.ru [2011-10-05 10:34]:
On 05.10.2011
Hi,
* Michael Tokarev m...@tls.msk.ru [2011-10-05 20:44]:
I'm Cc'ing the relevant bug# so others may see this information.
Hopefully you wont object -- the bug is public for a long time.
No, not at all.
On 05.10.2011 16:04, Nico Golde wrote:
* Nico Golde n...@ngolde.de [2011-10-05 11:21]:
6 matches
Mail list logo