[Pkg-shadow-devel] Bug#628843: Ping
Moritz Muehlenhoff
jmm at inutil.org
Fri Dec 23 20:19:50 UTC 2011
On Mon, Oct 17, 2011 at 11:17:32PM +0200, Nicolas François wrote:
> Regarding this bug
> * Arne, I do not know if your ping was related to the potential security
> impact, but it could help to have an assessment of the proposed solution
> (and also comment 46)
Judging from the available documentation it seems fine, but I suggest
you consult Alan Cox (alan at linux.intel.com), who's done most of the
Linux tty scrutiny in the recent years for a second opinion.
> * It did not seem that critical to me (e.g. in the pointed
> comp.security.oss.general thread, there were no agreement for a CVE)
FWIW, this has been assigned CVE-2005-4890 in the mean time. This has
low impact, but it would be nice if we could fix this up in a stable
point update for Squeeze.
Cheers,
Moritz
More information about the Pkg-shadow-devel
mailing list