Re: Security bug in old libgtop-1.0
- From: Bastien Nocera <hadess hadess net>
- To: Andrew Sobala <aes gnome org>
- Cc: GNOME Desktop Hackers <desktop-devel-list gnome org>, martin home-of-linux org, dave srce hr
- Subject: Re: Security bug in old libgtop-1.0
- Date: 11 May 2003 13:34:46 +0100
On Sun, 2003-05-11 at 13:25, Andrew Sobala wrote:
> Another bug heads-up. Apparently we're distributing libgtop-1.0 with a
> remote exploit (http://bugzilla.gnome.org/show_bug.cgi?id=112765). The
> bug's got a patch.
> Although it's unmaintained, I think we should fix this since some apps
> will still be using it. If the maintainers think it's too much work and
> give me the OK, I'll do the release (with just that one patch on top of
> the last 1.0 release).
Martin was the maintainer at the time, and I don't think he is very
interested in fixing this issue.
I guess you can release a fixed version. Is libgtop 2.x vulnerable?
Bastien Nocera <hadess hadess net>
] [Thread Prev