Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: cve id request: insecure xauth cookie handling in fglrx (ati catalyst) driver
From: Michael Gilbert <michael.s.gilbert () gmail com>
Date: Fri, 22 Jul 2011 14:16:28 -0400

Mike O'Connor wrote:
It looks like you've seen the same kind of thing before:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526678

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529306

Yes, those are CVE-2009-1573 and CVE-2009-1756.

This may be worth a mention in the xauth man page.

I think the vast majority aren't going to pay attention to
seemingly pedantic man page warnings, but then again it may
be worth it to help the few that do.

Mike


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]