22 Apr 2000 bcollins   » (Master)

Bummer, some major /tmp races found in OpenLDAP by RHAT, and nary a single post on the OpenLDAP lists about it. This is the second time I've seen Christian Gafton find a serious security hole in a program, and post the vulnerability, but not give feedback to the upstream.

The last time was in Linux-PAM. The sad part with that was that the section of code where the problem was came FROM Gafton himself! Andrew Morgan (the Linux-PAM author) was quite surprised to find out about a RHAT vulnerability announcement from a Debian developer :/

Such is life, not everyone is as great as yourself :)

Spent some time with my 3 year old and wife (who is expecting in Aug :) today. Getting ready for Easter and all....and now it's time for bed.
