Re: libltdl is inefficient and a security hazard

bug-libtool

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: libltdl is inefficient and a security hazard

From:	Peter O'Gorman
Subject:	Re: libltdl is inefficient and a security hazard
Date:	Thu, 05 Nov 2009 18:32:20 -0600
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.4pre) Gecko/20091014 Fedora/3.0-2.8.b4.fc11 Thunderbird/3.0b4

On 11/05/2009 05:18 PM, Bob Friesenhahn wrote:

Am I missing something obvious? Why do I feel like no one is taking this
security issue seriously at all? I first notified that libltdl was
wrongly dlopening() with a bare archive file name on October 25th (and
included system call traces from a number of systems) and it is November
5th already.


Hi Bob,

I thought you were going to propose patches for these issues, sorry.

I'll look into it.

Peter
--
Peter O'Gorman
http://pogma.com

[Prev in Thread]

Current Thread

[Next in Thread]

Re: libltdl is inefficient and a security hazard, Bob Friesenhahn, 2009/11/04
- Re: libltdl is inefficient and a security hazard, Bob Friesenhahn, 2009/11/05
  - Re: libltdl is inefficient and a security hazard, Bob Friesenhahn, 2009/11/05
    - Re: libltdl is inefficient and a security hazard, Peter O'Gorman, 2009/11/05
    - Re: libltdl is inefficient and a security hazard, Bob Friesenhahn, 2009/11/05
    - Re: libltdl is inefficient and a security hazard, Bob Friesenhahn, 2009/11/05
    - Re: libltdl is inefficient and a security hazard, Bob Friesenhahn, 2009/11/05
    - Re: libltdl is inefficient and a security hazard, Peter O'Gorman <=
    - Re: libltdl is inefficient and a security hazard, Bob Friesenhahn, 2009/11/05

Prev by Date: Re: libltdl is inefficient and a security hazard
Next by Date: Re: libltdl is inefficient and a security hazard
Previous by thread: Re: libltdl is inefficient and a security hazard
Next by thread: Re: libltdl is inefficient and a security hazard
Index(es):
- Date
- Thread