[Fwd: [SECURITY] [DSA 817-1] New python2.2 packages fix arbitrary code execution]
Jim Popovitch
jimpop at yahoo.com
Sun Sep 25 18:51:57 UTC 2005
Michal Jaegermann wrote:
> On Sat, Sep 24, 2005 at 03:15:15PM -0400, Jim Popovitch wrote:
>
>>Michal Jaegermann wrote:
>>
>>>On Sat, Sep 24, 2005 at 10:23:00AM -0400, Jim Popovitch wrote:
>>>
>>>
>>>>Michal Jaegermann wrote:
>>>>
>>>>
>>>>>It is hard to imagine that somebody
>>>>>quietly fixed such hole in Python packages for Red Hat distributions
>>>>>and did not mention that anybody.
>>>>
>>>>Wouldn't this count:
>>>> http://rhn.redhat.com/errata/RHSA-2005-761.html
>>>
>>>
>>>Count to what?
>>
>>Count towards showing that RH had indeed released fixes. Isn't that
>>what you were stating above, that you hadn't seen any releases for RH yet?
>
>
> Sigh! The above is about pcre itself and we are talking here about
> a code embedded in Python. Unfortunately this is an independet,
> although related, issue. There are now bugzilla numbers for that
> (#166335 and #168318) but AFAICS no releases so far.
>
> Would you like, please, to write a corresponding bugzilla entry for
> Legacy packages or we should ask David for that? It appears that he
> already collected all data.
>
> Michal
Michal, I am confused about all your comments on this thread. I first
posted a question about this issue on 22-Sept. On that same day you
suggested I add it to bugzilla, I chose to wait for further input. Now
today I see that you already opened a bug back on 16-Sept
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168516
Why didn't you just say that this bug already existed?
-Jim P.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168516
More information about the fedora-legacy-list
mailing list