Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Advisory 02/2004: Trillian remote overflows -> maybe this is off-topic, but...

From: Stefan Esser <s.esser () e-matters de>
Date: Wed, 25 Feb 2004 08:02:42 +0100
Hello,

On Tue, Feb 24, 2004 at 08:23:44PM -0500, Luke Schierer wrote:

Jeff is absolutely correct. We've given them yahoo code, they have given 
us yahoo code.  Sean Egan and one of their heads, a guy named Scott, are 
on good terms.  no theft either way involved here.
luke


There is actually one little problem... Eric Warmenhoven, the guy who commited
the yahoo code had no clue that this code is used by Trillian. Noone from the
GAIM team except himself has the right to dual license his code. And the second 
thing is: take a close look on the commit messages:

It a) references external persons

rev 1.11: Valdis Kletnieks (sysphrog) suggested this fix. 
This seems really odd to me. Typical Yahoo.

(The fix is actually only a "+1" fix)


b) has mysterious comments...

rev 1.12: this seems... i don't know.

(sounds to me like... Hmmm got this code commited it, but don't know if or why
it is better)



Stefan Esser

-- 

--------------------------------------------------------------------------
 Stefan Esser                                        s.esser () e-matters de
 e-matters Security                         http://security.e-matters.de/

 GPG-Key                gpg --keyserver pgp.mit.edu --recv-key 0xCF6CAE69 
 Key fingerprint       B418 B290 ACC0 C8E5 8292  8B72 D6B0 7704 CF6C AE69
--------------------------------------------------------------------------
 Did I help you? Consider a gift:            http://wishlist.suspekt.org/
--------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: