lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 26 May 2004 14:51:21 -0400
From: Jan Schaumann <jschauma@...meister.org>
To: SGI Security Coordinator <agent99@....com>
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
   vulnwatch@...nwatch.org
Subject: Re: IRIX libcpr vulnerability

SGI Security Coordinator <agent99@....com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> ______________________________________________________________________________
> 
>                           SGI Security Advisory
> 
>    Title:      libcpr vulnerability
>    Number:     20040507-01-P
>    Date:       May 26, 2004
>    Reference:  SGI BUG 914419
>    Reference:  CVE CAN-2004-0134
>    Fixed in:   Patches 5606, 5607, 5608, 5609 and 5610
> ______________________________________________________________________________

The patches are not readable on the ftp server:

ftp://patches.sgi.com/support/free/security/patches/6.5.22:

-rw-r-----    1 21          4079 May 26 09:32 patch5609.pgp.and.chksums
-rw-r-----    1 21          3666 May 26 09:32 patch5609.relnotes
-rw-r-----    1 21       1761280 May 26 09:32 patch5609.tar

This has happened before, so I don't know if it's a matter of the upload
script not having completed yet or not.  But one would assume that the
patches are readable at the time the SA is published...

-Jan

-- 
DON'T PANIC!

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists