Remotely triggerable crash

John Bailey rekkanoryo at
Tue Sep 21 23:22:35 EDT 2010

On 09/17/2010 06:29 PM, John Bailey wrote:
> On 09/17/2010 06:18 PM, Daniel Atallah wrote:
>> Do we need a CVE for this?
> Since we know the Yahoo issue, at least, is a definite remote crasher, yes, we
> do.  Since all the potential remote issues share the same root cause, we can
> request a single blanket CVE, something along the lines of "Insufficient return
> value checking leads to remotely triggerable denial of service" that indicates
> the same problem exists in multiple locations.
> John

Can we get this process jump-started so we can get a release pushed?  We have a
good number of bug fixes ready for this release that I'd like to see get pushed
out soon.  Maybe shoot for an October 7 or 8 release?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the security mailing list