[Pkg-shadow-devel] Bug#628843: Ping

Moritz Muehlenhoff jmm at inutil.org
Fri Dec 23 20:19:50 UTC 2011

On Mon, Oct 17, 2011 at 11:17:32PM +0200, Nicolas François wrote:

> Regarding this bug
>  * Arne, I do not know if your ping was related to the potential security
>    impact, but it could help to have an assessment of the proposed solution
>    (and also comment 46)

Judging from the available documentation it seems fine, but I suggest
you consult Alan Cox (alan at linux.intel.com), who's done most of the
Linux tty scrutiny in the recent years for a second opinion.

>  * It did not seem that critical to me (e.g. in the pointed
>    comp.security.oss.general thread, there were no agreement for a CVE)

FWIW, this has been assigned CVE-2005-4890 in the mean time. This has
low impact, but it would be nice if we could fix this up in a stable
point update for Squeeze.


More information about the Pkg-shadow-devel mailing list