Re: RFS: hashalot (updated)
On Thu, Jan 24, 2008 at 09:10:11AM +0530, Kapil Hari Paranjape wrote:
> Hello,
>
> Some quick comments.
>
> On Thu, 24 Jan 2008, Adam Borowski wrote:
> > * Buffer overflow on RMD160:
> > It will cause only a crash instead of executing arbitrary code, and
> > considering the typical usage this is nearly always harmless. Yet, in
> > non-typical uses even wrong output can be pretty bad for a hash.
> >
> > A nearly-identical fix is already in Ubuntu (they move some functions
> > around without an apparent reason).
>
> Has this patch been submitted upstream?
Yes, albeit only a week ago.
--
1KB // Microsoft corollary to Hanlon's razor:
// Never attribute to stupidity what can be
// adequately explained by malice.
Reply to: