|
From: | Peter O'Gorman |
Subject: | Re: libltdl is inefficient and a security hazard |
Date: | Thu, 05 Nov 2009 18:32:20 -0600 |
User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.4pre) Gecko/20091014 Fedora/3.0-2.8.b4.fc11 Thunderbird/3.0b4 |
On 11/05/2009 05:18 PM, Bob Friesenhahn wrote:
Am I missing something obvious? Why do I feel like no one is taking this security issue seriously at all? I first notified that libltdl was wrongly dlopening() with a bare archive file name on October 25th (and included system call traces from a number of systems) and it is November 5th already.
Hi Bob, I thought you were going to propose patches for these issues, sorry. I'll look into it. Peter -- Peter O'Gorman http://pogma.com
[Prev in Thread] | Current Thread | [Next in Thread] |