oss-sec mailing list archives
Re: Re: Some fun with tcp_wrappers
From: Tomas Hoger <thoger () redhat com>
Date: Tue, 28 Apr 2009 11:22:53 +0200
Hi Steve! On Fri, 24 Apr 2009 19:10:11 -0400 (EDT) "Steven M. Christey" <coley () linus mitre org> wrote:
Given last week's round of discussion on this list and related commentary in Red Hat 491095, I still don't know how to write up CVE-2009-0786. Should we focus it on the hosts_ctl() usage in the Fedora version of tcp_wrappers?
Given Wietse's (original upstream author) comments, original behavior is intended one, so 0786 should be rejected. We're not adding the change as security fix to the product versions where it's not included already. Thank again to Wietse for his comments! -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- Re: Re: Some fun with tcp_wrappers, (continued)
- Re: Re: Some fun with tcp_wrappers Wietse Venema (Apr 15)
- Re: Re: Some fun with tcp_wrappers Tomas Hoger (Apr 15)
- Re: Re: Some fun with tcp_wrappers Wietse Venema (Apr 15)
- Re: Re: Some fun with tcp_wrappers Wietse Venema (Apr 15)
- Re: Re: Some fun with tcp_wrappers Steven M. Christey (Apr 15)
- Re: Re: Some fun with tcp_wrappers Tomas Hoger (Apr 16)
- Re: Re: Some fun with tcp_wrappers Wietse Venema (Apr 16)
- Re: Re: Some fun with tcp_wrappers Tomas Hoger (Apr 16)
- Re: Re: Some fun with tcp_wrappers Wietse Venema (Apr 16)
- Re: Re: Some fun with tcp_wrappers Steven M. Christey (Apr 24)
- Re: Re: Some fun with tcp_wrappers Tomas Hoger (Apr 28)
- Re: Re: Some fun with tcp_wrappers Tomas Hoger (Apr 16)
- Re: Re: Some fun with tcp_wrappers Wietse Venema (Apr 16)