| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: s.esser at e-matters.de (Stefan Esser) Subject: Advisory 02/2004: Trillian remote overflows -> maybe this is off-topic, but... Hello, On Tue, Feb 24, 2004 at 08:23:44PM -0500, Luke Schierer wrote: > Jeff is absolutely correct. We've given them yahoo code, they have given > us yahoo code. Sean Egan and one of their heads, a guy named Scott, are > on good terms. no theft either way involved here. > luke There is actually one little problem... Eric Warmenhoven, the guy who commited the yahoo code had no clue that this code is used by Trillian. Noone from the GAIM team except himself has the right to dual license his code. And the second thing is: take a close look on the commit messages: It a) references external persons rev 1.11: Valdis Kletnieks (sysphrog) suggested this fix. This seems really odd to me. Typical Yahoo. (The fix is actually only a "+1" fix) b) has mysterious comments... rev 1.12: this seems... i don't know. (sounds to me like... Hmmm got this code commited it, but don't know if or why it is better) Stefan Esser -- -------------------------------------------------------------------------- Stefan Esser s.esser@...atters.de e-matters Security http://security.e-matters.de/ GPG-Key gpg --keyserver pgp.mit.edu --recv-key 0xCF6CAE69 Key fingerprint B418 B290 ACC0 C8E5 8292 8B72 D6B0 7704 CF6C AE69 -------------------------------------------------------------------------- Did I help you? Consider a gift: http://wishlist.suspekt.org/ --------------------------------------------------------------------------
Powered by blists - more mailing lists