Date: Wed, 28 Jan 2015 11:49:48 +0100 From: Fabian Keil <freebsd-listen@fabiankeil.de> To: freebsd-security@freebsd.org Subject: Re: svn commit: r277806 - head/sys/dev/vt Message-ID: <693b2987.2b23d5b0@fabiankeil.de> In-Reply-To: <CAA3htvspjiDV9_-fwwzLpjYZuA1fG1F3O0_sD02DvcL8b60bGg@mail.gmail.com> References: <CAA3htvspjiDV9_-fwwzLpjYZuA1fG1F3O0_sD02DvcL8b60bGg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/4lwCHAd_gI=1bb=WdpUbVs. Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Pawel Biernacki <pawel.biernacki@gmail.com> wrote: > I found very worrying statement in that document: >=20 > "2015-01-27: FreeBSD informs us that after going through their mail archi= ve > they found out that the same issue was reported by Google and that they > missed it." >=20 > How many other such mails were missed? I can't answer this question, but I reported a couple of ggated issues (DoS, non-critical memory disclosure) in December: 2014-12-09: Initial notification sent with potential patches. 2014-12-18: The mail was acknowledged and additional information requested. 2014-12-19: A more verbose description of the issue was sent as requested. 2015-01-15: I asked for a status update, preferably before FOSDEM. I haven't heard back yet and don't know when the issues will be addressed. Fabian --Sig_/4lwCHAd_gI=1bb=WdpUbVs. Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlTIvswACgkQBYqIVf93VJ14jQCcC/BlMAPlBRQu9TAwA5YqIUxC n6kAmwW5KMBPXjejziHVwGn8wM9D5/zR =kDgM -----END PGP SIGNATURE----- --Sig_/4lwCHAd_gI=1bb=WdpUbVs.--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?693b2987.2b23d5b0>