[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RHSA-1999:035-02] Updated XFree86 3.3.5 packages available

My apologies if you replied to the mail quoted below; I never received one.

As far as I can tell, Red Hat's webpages have not been updated with the
corrected information.  Are there any plans to do so?

On Mon, Sep 20, 1999 at 12:30:04AM -0400, branden wrote:
> Hi Preston,
> In Red Hat's recent announcement, there is the following text:
> > Thanks go to Branden Robinson <branden@debian.org> for discovering a
> > possible symlink attack in the xkb extension initialization at server
> > startup time.
> I appreciate the mention, but I cannot claim credit for having discovered
> this vulnerability.  Credit for that, as far as I know, goes to Olaf Kirch
> <okir@lst.de>, who announced it to the vendor-sec list.
> I did, however, author the fix, which was accepted into the XFree86 source
> tree upstream and which I mailed to you.

G. Branden Robinson              |
Debian GNU/Linux                 |      Music is the brandy of the damned.
branden@ecn.purdue.edu           |      -- George Bernard Shaw
cartoon.ecn.purdue.edu/~branden/ |

Attachment: pgpmIEMth539h.pgp
Description: PGP signature

Reply to: