oss-sec mailing list archives
Re: Re: browser document.cookie DoS vulnerability
From: aaron guzman <aaron23yankees () gmail com>
Date: Fri, 11 Oct 2013 07:25:10 -0700
Google is now paying for patches for apps like Chromium. This was announced yesterday. Patches are to be sent to security-patches () google com according to this link here http://www.tomsguide.com/us/google-software-bounty,news-17676.html On Thu, Oct 10, 2013 at 10:44 PM, Kurt Seifried <kseifried () redhat com>wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/25/2013 09:42 AM, Kurt Seifried wrote:On 09/20/2013 09:52 AM, Joel Weinberger wrote:Just an FYI, we have fixed this in tip of the tree Chromium: https://src.chromium.org/viewvc/chrome?revision=224268&view=revisionhttps://code.google.com/p/chromium/issues/detail?id=238041--JoelSo I assume Google will not be handling CVE assignments for chromium?Ping. Does anyone know if Google is acting as the CNA for Chromium? I assume they are, but I also see no CVE for this. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBAgAGBQJSV5BSAAoJEBYNRVNeJnmTEkMQAJQhHCzOKxhgJELgagAm3O2g 23pSmKNeXh27Px9Dq+RllMM/qN+jETPHQ/59y1l9GE4nMymqeMBBDbK0Ws5q050+ Ay9aZTPr3vleClhmoqyFOZIU+oDlbZ0/IamoM0th9F8r4hjVHbzFVO0GXkTSaGk4 CJKRP3fqli+yX+Wk8twUOXkr4Nr1bg4Ty7LugxeMlHCVrsMo4Lpbv2YcRVg/6x7f V6x326z9c00txtpKxbP0IgON7qeR7BBkPDgbf6APFcWSp/TSZIeXk2y/xgMVXiMd 3IJt6HeKqhLzb35PlHeZJrcJjKlUHkrZniY61Ig3gc/GviwgegFuAwP3O9kUDxvc GYS6t7bUfJ/Mhwaki4tAW5JeYc6WV3zhCU31UeJmr/tqNJfunI6uxASQnW0IzzVf eS5AV20nHJn6PtJTB54jxw4EuYDvzpXor+9WB5KP76z+wgZhUjitHR4PHDHUIeyY jc9nJ7EOs2aqj1k7UGd1STRDE2xG0Rki37Yvf7oPIPulGLjHmPxL6kKCpSTt+pIM OaOomM1uZSSejG8BMWXZ4vNTzc0yFUN1C2h226E2i2Q5CykCdENIOXLXjFASfPQR aVS+IvRrYFy7+9DjAXU3vK2uoW9vnDUoidSkd76jToCinfkJ6uAYUhH23RJBB1Xe /oZA/ZljHxv2mqbc/XMM =XRg2 -----END PGP SIGNATURE-----
Current thread:
- Re: Re: browser document.cookie DoS vulnerability Kurt Seifried (Oct 10)
- Re: Re: browser document.cookie DoS vulnerability aaron guzman (Oct 11)
- Re: Re: browser document.cookie DoS vulnerability Joel Weinberger (Oct 11)
- Re: Re: browser document.cookie DoS vulnerability Kurt Seifried (Oct 11)
- Re: Re: browser document.cookie DoS vulnerability Murray McAllister (Oct 14)
- Re: browser document.cookie DoS vulnerability cve-assign (Oct 15)
- Re: Re: browser document.cookie DoS vulnerability Kurt Seifried (Oct 11)
- Re: Re: browser document.cookie DoS vulnerability Kurt Seifried (Oct 15)
- Re: browser document.cookie DoS vulnerability cve-assign (Oct 16)
- Re: browser document.cookie DoS vulnerability cve-assign (Oct 17)
- Re: browser document.cookie DoS vulnerability Mozilla Security (Oct 17)