Re: [gna-private] [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution

To: debian-security@lists.debian.org
Subject: Re: [gna-private] [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution
From: Andrew Vaughan <ajv-lists@netspace.net.au>
Date: Thu, 9 Mar 2006 21:16:42 +1100
Message-id: <[🔎] 200603092116.43253.ajv-lists@netspace.net.au>
In-reply-to: <[🔎] slrne0tb0q.7qf.jmm@inutil.org>
References: <20060307141958.GA6762@informatik.uni-bremen.de> <[🔎] 200603081029.06120@eos.attique.ici> <[🔎] slrne0tb0q.7qf.jmm@inutil.org>

On Wed, 8 Mar 2006 21:04, Moritz Muehlenhoff wrote:
> Mathieu Roy wrote:
> >> > What does mean
> >> > 	local(remote)
> >> >
> >> > Does it means local... or remote?
> >>
> >>   Local.  But remote in the sense that you may receive a .tar file
> >>  from a remote source.
> >
> > Ok, thanks for the input.
> >
> > Looks like oxymoron, a bit confusing though (but I have no proposal for
> > alternative wording).
>
> This question comes from time to time. If someone wants to write a FAQ
> entry for the Debian Security FAQ, please send it to
> team@security.debian.org
How about just changing the wording in the DSA to
local, plus files obtained from an untrusted source.

>
> Cheers,
>         Moritz

Reply to:

References:
- Re: [gna-private] [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution
  - From: Mathieu Roy <yeupou@coleumes.org>
- Re: [gna-private] [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Re: [gna-private] [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution
Next by Date: UNSUBSCRIBE
Previous by thread: Re: [gna-private] [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution
Next by thread: Re: [gna-private] [SECURITY] [DSA 987-1] New tar packages fix arbitrary code execution
Index(es):
- Date
- Thread