The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FWD: Buffer overflow in sperl5.003



-----BEGIN PGP SIGNED MESSAGE-----

Here's an issue.  I can fix this specific buffer overflow problem in
perl 5.003.07 this weekend.  The fix has had only cursory checks; I'll
do more in a bit.

There is work afoot to find all the possible buffer overruns in the
suidperl code and get rid of them.  That *won't* be easily portable back
to 5.003.07 and would require us to go to perl 5.003.98 (or 5.004) while
frozen.

I would be reluctant to go with that latter option since some things
would probably break but then there is the issue of put out suidperl
with potential for further buffer overruns.

What do the folks here think?

Darren
- -- 
<torin@daft.com> <http://www.daft.com/~torin> <torin@debian.org> <torin@io.com>
Darren Stalder/2608 Second Ave, @282/Seattle, WA 98121-1212/USA/+1-800-921-4996
@ Do you have your clothes on? I probably don't. Take yours off. Feel better. @
@ Sysadmin, webweaver, postmaster for hire.  C/Perl/CGI programmer and tutor. @

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBM1gOwo4wrq++1Ls5AQGB5AP+IYjvoVM+/zYB7w4fsigjthhSXFJ3W8hT
g34PtdLAJMMfjs+QDrJrwlUkO0zi/9LAc1Ph4CSLeoMZO9yEUDLc316P4aMZ9C4G
ZzMa/+SQCgCgLAKiRpzHqr0OAOV/ClGfi3OCphIHjdWeKaIu1ixHEIZ5CJq7X/bA
bejwOGA4BgQ=
=+2ys
-----END PGP SIGNATURE-----


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .