Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CACqxkWLqdgyMNidzGuffrrudaFYu+ip34V0iLgerSOS=QETniA@mail.gmail.com>
Date: Tue, 21 Jan 2020 17:36:25 +0000
From: Nick Boyce <nick.boyce@...il.com>
To: oss-security@...ts.openwall.com
Cc: matthias.gerstner@...e.de
Subject: Re: CVE-2020-7040: storeBackup: denial of service and
 symlink attack vector via fixed lockfile path /tmp/storeBackup.lock

On Mon, 20 Jan 2020 at 13:42, Matthias Gerstner <mgerstner@...e.de> wrote:

> storeBackup [1] is a tool for performing disk-to-disk backups.
[...]
> [1]: http://storebackup.org

Er ... when I looked just now, the page at that URL began :

> How to Create Cryptocurrency – Simple Strategy

and continued:

> Everyone is aware of the bitcoin which is the cryptocurrency
> trending in the world of IT

In "the world of IT" we are instantly wondering who exactly has
written this webpage about a backup utility ....   Should we tell the
site owner his site may have been stolen ?

Matthias ?

Cheers,
Nick

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.