Re: HFS+ specific vulnerability

To: debian-lts@lists.debian.org
Subject: Re: HFS+ specific vulnerability
From: Brian May <bam@debian.org>
Date: Fri, 03 Jun 2016 18:13:43 +1000
Message-id: <[🔎] 87zir27kqw.fsf@prune.linuxpenguins.xyz>
In-reply-to: <[🔎] 8737ou8zpp.fsf@prune.linuxpenguins.xyz>
References: <[🔎] 871t4g9h01.fsf@prune.linuxpenguins.xyz> <[🔎] 1464853872.2847.92.camel@decadent.org.uk> <[🔎] 8760tq91jf.fsf@prune.linuxpenguins.xyz> <[🔎] 8737ou8zpp.fsf@prune.linuxpenguins.xyz>

Brian May <bam@debian.org> writes:

> I think there would need to be some code to disable the UDF code if it
> isn't a UDF file system. Even if just for compression not
> decompression. Still looking for this however.

Just realized I have been talking a lot of nonsense. UDF support isn't
about compressing files from UDF file systems, it is about compressing
UDF images. So yes, it is a format issue like Ben said, and it should
get fixed.

I suspect that the HFS+ issue is not a problem, as I can't see the
vulnerable code, however I will double check this again tomorrow.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: HFS+ specific vulnerability
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: HFS+ specific vulnerability
  - From: Brian May <bam@debian.org>

References:
- HFS+ specific vulnerability
  - From: Brian May <brian@linuxpenguins.xyz>
- Re: HFS+ specific vulnerability
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: HFS+ specific vulnerability
  - From: Brian May <bam@debian.org>
- Re: HFS+ specific vulnerability
  - From: Brian May <bam@debian.org>

Prev by Date: Re: HFS+ specific vulnerability
Next by Date: Re: HFS+ specific vulnerability
Previous by thread: Re: HFS+ specific vulnerability
Next by thread: Re: HFS+ specific vulnerability
Index(es):
- Date
- Thread