Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #11406
| From | Eduardo A. Bustamante López <dualbus@gmail.com> |
|---|---|
| Newsgroups | gnu.bash.bug |
| Subject | Re: Integer Overflow in braces |
| Date | 2015-08-20 22:00 -0500 |
| Message-ID | <mailman.51.1440126064.31004.bug-bash@gnu.org> (permalink) |
| References | <CABq52TYThGj9OtBn3xTti5scmA=WdnS7ULw3G6GMayPK6WR0+w@mail.gmail.com> <5768562.ErHXazUaoC@smorgbox> <20150818130433.GF4309@eeg.ccf.org> <1558903.maOEY5AuEr@smorgbox> <55D34338.9000502@case.edu> |
Just FYI, if this were really a critical security issue, this is not how you should disclose it: https://www.reddit.com/r/netsec/comments/3h997d/bash_integer_overflow/ You have to first contact the maintainer in private, make sure the issue is acknowleged, fixed, and that the fix is available to most Bash users *before* disclosing anything. This just strikes me as a way to make yourself publicity. If you really want to help to fix Bash, instead of just complaining about some odd looking comments, provide patches... -- Eduardo Bustamante https://dualbus.me/
Back to gnu.bash.bug | Previous | Next | Find similar
Re: Integer Overflow in braces Eduardo A. Bustamante López <dualbus@gmail.com> - 2015-08-20 22:00 -0500
csiph-web