Re: Backport of the integer overflow in the brk system call

To: debian-devel@lists.debian.org
Subject: Re: Backport of the integer overflow in the brk system call
From: Henning Makholm <henning@makholm.net>
Date: 02 Dec 2003 18:21:46 +0000
Message-id: <[🔎] 87oeurf5c5.fsf@kreon.lan.henning.makholm.net>
In-reply-to: <[🔎] 20031202163151.GA20940@comcast.net>
References: <[🔎] 3FCBCF99.3000907@sentinel.dk> <[🔎] E1AR6Vn-0001YY-Vx@mid.downhill.at.eu.org> <[🔎] 20031202102343.GA7743@comcast.net> <[🔎] E1AR8O9-0002Pi-7j@mid.downhill.at.eu.org> <[🔎] 20031202141451.GC6613@compsoc.dur.ac.uk> <[🔎] 7ir7zn45tn.fsf@enark.csis.hku.hk> <[🔎] 20031202163151.GA20940@comcast.net>

Scripsit Tom <tb.31123.nospam@comcast.net>
> On Tue, Dec 02, 2003 at 11:06:44PM +0800, Isaac To wrote:

> > rather far from changing anything in the kernel memory.  Andreas is
> > definitely right that the hole doesn't look like that it is that dangerous.

> If it wasn't a big deal we wouldn't be talking about it.  It shut down 
> servers.  It's dangerous enough.

Whw Isaac said was that he understands why the kernel developer who
originally fixed the bug did not realize that it was security
critical.

-- 
Henning Makholm                        "Detta, sade de, vore rena sanningen;
                                 ty de kunde tala sanning lika väl som någon
                             annan, när de bara visste vad det tjänade til."

Reply to:

Follow-Ups:
- Re: Backport of the integer overflow in the brk system call
  - From: Frederik Dannemare <tux@sentinel.dk>

References:
- Backport of the integer overflow in the brk system call
  - From: Frederik Dannemare <tux@sentinel.dk>
- Re: Backport of the integer overflow in the brk system call
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>
- Re: Backport of the integer overflow in the brk system call
  - From: Tom <tb.31123.nospam@comcast.net>
- Re: Backport of the integer overflow in the brk system call
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>
- Re: Backport of the integer overflow in the brk system call
  - From: Jonathan Dowland <jmtd@compsoc.dur.ac.uk>
- Re: Backport of the integer overflow in the brk system call
  - From: Isaac To <kkto@csis.hku.hk>
- Re: Backport of the integer overflow in the brk system call
  - From: Tom <tb.31123.nospam@comcast.net>

Prev by Date: Re: Revival of the signed debs discussion
Next by Date: Re: Source only uploads? -- Survey evaluation
Previous by thread: Re: Backport of the integer overflow in the brk system call
Next by thread: Re: Backport of the integer overflow in the brk system call
Index(es):
- Date
- Thread