[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Security flaw in klock (fwd)
From: Martin Jones <mjones () powerup ! com ! au>
Date: 1999-06-24 12:13:20
[Download RAW message or body]
Harri Porten wrote:
>
> Martin Jones wrote:
> >
> > So if the timer is triggered while we are waiting for
> > kcheckpass to complete, the dialog is deleted. When
> > kcheckpass completes, we continue on but the dialog has
> > been deleted from under us -> crash.
> >
> > This is easier to replicate if kcheckpassis slow on your
> > particular machine. I can replicate this bug very easily
> > by adding a sleep(2) to kcheckpass. I am applying this
>
> Ahh. I was already trying to modify some timeouts to force the bug.
>
> > patch to the 1.1 and head branches.
>
> Thanks Martin. I think our "reaction time" was quite good. One hour ?
>
> Would you like to formulate a response for BugTraq as well (after we
> have received confirmations that the bug is really fixed) ?
I've done this already.
--
Martin Jones
mjones@kde.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic