[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Ve
RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Fri, 28 Oct 2005 21:12:31 -0400 (EDT)
On Fri, 28 Oct 2005, Greg MacManus wrote:
That looks like it will do it.
The original vulnerability discoverer wishes to be credited as 'vade79',
so he should probably be credited instead of me.
ok (actually the credit should still list you as well, since you provided
feedback with a suggestion on how to resolve this - but it's up to you
if you don't want your name on it).
This says "multiple vendor" in the title:
Have the vendors been contacted?
(who's responsible for doing that)
Do they need a patch against 2.8.5?
(it's not a difficult patch to resync)
What's the timeframe for resolving this?
I expect that I can make a new fix for 2.8.5 this weekend, putting that in
Thomas E. Dickey