1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Hi, folks |
5 |
|
6 |
I'm attempting to determine if the recent CVS security advisory should be |
7 |
rated as 'high' or 'critical'. The bug involves a global pointer-to-heap |
8 |
that may be forced to free twice. The issue is whether or not Linux is |
9 |
fundamentally vulnerable to double-free bugs (which, for example, on BSD |
10 |
might permit execution of arbitrary code). |
11 |
|
12 |
The advisory doesn't seem to indicate whether Linux is subject to the same |
13 |
vulnerabilty to a double-free problem. |
14 |
|
15 |
Anyone know offhand? |
16 |
- -- |
17 |
AJ Armstrong |
18 |
aja@×××××××××××××.com |
19 |
|
20 |
Memes are a hoax. Pass it on. |
21 |
-----BEGIN PGP SIGNATURE----- |
22 |
Version: GnuPG v1.2.1 (GNU/Linux) |
23 |
|
24 |
iD8DBQE+MbZzSgEAcQ45BAYRAmUNAJ0X7zSKYUg90SWe5iQ5eVT7YZiUoQCeMSw5 |
25 |
e2OfuC6y306qQ2lmoC0/9PU= |
26 |
=4fhl |
27 |
-----END PGP SIGNATURE----- |
28 |
|
29 |
|
30 |
-- |
31 |
gentoo-dev@g.o mailing list |