[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: [RHSA-1999:017-01] Potential security problem in Red Hat 6.0
From:       Andreas Bogk <andreas () ANDREAS ! ORG>
Date:       1999-06-25 21:14:18
[Download RAW message or body]

Raymond Dijkxhoorn <raymond@THRIJSWIJK.NL> writes:

> 7. Problem description:
>
> Several potential buffer overruns have been corrected within the net-tools
> package.

Very helpful. I'm running LinuxPPC here, which is partly based on
RedHat. Could someone from RedHat please identify the programs in
question, their version numbers, the history of the code or something
else which allows me to find out whether I'm affected or not?

No, Im not asking "gimme the xpl0itz". Far from it. But such
announcements just don't help me. Instead they give me the uneasy
feeling that out there are people which know about a security problem
on my machine and don't tell me about it.

Andreas

--
"We show that all proposed quantum bit commitment schemes are insecure because
the sender, Alice, can almost always cheat successfully by using an
Einstein-Podolsky-Rosen type of attack and delaying her measurement until she
opens her commitment." ( http://xxx.lanl.gov/abs/quant-ph/9603004 )

[prev in list] [next in list] [prev in thread] [next in thread]