[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ANNOUNCE Xmlm 1.0.2



Hi,
* Romain Beauxis <toots@rastageeks.org> [2009-11-17 21:08]:
> Le mardi 17 novembre 2009 13:00:37, Nico Golde a écrit :
> > > Nico Golde a écrit :
> > > > Did someone already evaluate if this results only in a crash or can
> > > > also  result in code execution? if it's only a DoS I think it shouldn't
> > > > be a big deal.
> > >
> > > 
> > > It fixes only a possible DoS.
> > 
> > Ok. Is it used by anything that actually does act as a service?
> 
> Not in Debian as far as I know.

Ok I think it's not worth a DSA in this case. Do you need a CVE id for this?

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: pgpPNmZcmJYq9.pgp
Description: PGP signature


Reply to: