Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <041f8f08-d2d2-d1ec-78f3-18b3d5f6160e@oracle.com>
Date: Fri, 14 Oct 2016 11:57:15 +0100
From: John Haxby <john.haxby@...cle.com>
To: oss-security@...ts.openwall.com
Subject: Re: kernel: Stack corruption while reading /proc/keys
 (CVE-2016-7042)

On 14/10/16 07:18, P J P wrote:
> +-- On Thu, 13 Oct 2016, John Haxby wrote --+
> | On 13/10/16 13:46, Vladis Dronov wrote:
> | > https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch)
> | 
> | This bug isn't accessible.   Do you think you could post the reproducer
> | or open the bug please?
> 
> Please see this one:
>   -> https://bugzilla.redhat.com/show_bug.cgi?id=1373966
> 
> Thank you.

Sorry, that's not why I was asking.  You provided links to two bugs: one
has the patch and a reproducer, the other has the patch.  Unfortunately
the former is a link to a bug that no one outside Red Hat has access to.
 In the past when people have posted links to oss-security that do not
have general access the access permissions have been relaxed or the
relevant content posted on the list.

That's what I was asking for:  inaccessible links are not helpful on an
open list.

jch

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.