Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130524075833.GC11682@kludge.henri.nerv.fi>
Date: Fri, 24 May 2013 10:58:33 +0300
From: Henri Salo <henri@...v.fi>
To: Kurt Seifried <kseifried@...hat.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: plone, rrdtool, zenoss bugs

On Fri, May 24, 2013 at 01:37:59AM -0600, Kurt Seifried wrote:
> Ho likely is an attacker to be able to pass a format string to it though?

Hard to say how many and which applications are using this library with user
input. At least original reporter pointed out Zenoss-case. I can find out if
there is others if that is needed, but obviously it's impossible to list all use
cases.

---
Henri Salo

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.