[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Ve

From: Thomas Dickey
Subject: RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Date: Fri, 28 Oct 2005 21:12:31 -0400 (EDT)

On Fri, 28 Oct 2005, Greg MacManus wrote:


That looks like it will do it.

The original vulnerability discoverer wishes to be credited as 'vade79',
so he should probably be credited instead of me.

ok (actually the credit should still list you as well, since you provided feedback with a suggestion on how to resolve this - but it's up to you
if you don't want your name on it).

This says "multiple vendor" in the title:

        Have the vendors been contacted?
        (who's responsible for doing that)

        Do they need a patch against 2.8.5?
        (it's not a difficult patch to resync)

        What's the timeframe for resolving this?

I expect that I can make a new fix for 2.8.5 this weekend, putting that in

Thomas E. Dickey

reply via email to

[Prev in Thread] Current Thread [Next in Thread]