Hi, Thanks for the heads up! As this might be of interest for more distributions, feel also free to join and discuss this on the oss-security list ( http://oss-security.openwall.org/wiki/mailing-lists/oss-security ) Ciao, Marcus On Wed, Jul 03, 2013 at 08:42:23PM +0000, mancha wrote:
Dear all:
I noticed you upgraded your xdm with a fix I developed for Xorg (openSUSE-SU-2013:1117-1).
You might be interested to know this patch is part of an ongoing project of mine where I am working with developers to introduce needed protections for possible crypt()-related NULL pointer dereference situations.
I share this as you might find some of these fixes valuable for OpenSUSE.
My progress is being documented in Slackware's de facto bug & discussion forum (LQ): https://www.linuxquestions.org/questions/slackware-14/%5Bslackware- current%5D-glibc-2-17-shadow-and-other-penumbrae-4175461061/
I am placing all patch files in a sourceforge project: https://sourceforge.net/projects/miscellaneouspa/files/glibc217/
--mancha
PGP Key ID: 0xB5ABF4FFF7048E92 Key fingerprint = 7F1F E9BF 77CF 15AC 8F6B C934 B5AB F4FF F704 8E92
-- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org