Re: freetype vulns

2015-03-10 Thread David Coppa
On 10 Mar 2015 20:48, "Ted Unangst" wrote:
>
> Boudewijn Dijkstra wrote:
> > On Sat, 07 Mar 2015 20:13:45 +0100, David Coppa wrote:
> > > On Sat, Mar 7, 2015 at 7:28 PM, Ted Unangst wrote:
> > >
> > >> Or you could start with the linked Ubuntu advisory and try to discover where
> >

Re: freetype vulns

2015-03-10 Thread Ted Unangst
Boudewijn Dijkstra wrote:
> On Sat, 07 Mar 2015 20:13:45 +0100, David Coppa wrote:
> > On Sat, Mar 7, 2015 at 7:28 PM, Ted Unangst wrote:
> >
> >> Or you could start with the linked Ubuntu advisory and try to discover
> >> where
> >> they hide the relevant patches. Heaven forbid they directly l

Re: freetype vulns

2015-03-09 Thread Boudewijn Dijkstra
On Sat, 07 Mar 2015 20:13:45 +0100, David Coppa wrote:
On Sat, Mar 7, 2015 at 7:28 PM, Ted Unangst wrote:
Or you could start with the linked Ubuntu advisory and try to discover where they hide the relevant patches. Heaven forbid they directly link to them, somebody might discover Ubuntu is b

Re: [Bulk] freetype vulns

2015-03-08 Thread Kevin Chadwick
On Wed, 04 Mar 2015 17:12:07 -0500 Ted Unangst wrote:
> references this bug:
> http://savannah.nongnu.org/bugs/?43661

Does anyone know how to turn off external font loading in xombrero's webkit and would doing so avoid a large part of the risk? Was gonna post to misc@ but judging by this thread

Re: freetype vulns

2015-03-07 Thread Stefan Sperling
On Sun, Mar 08, 2015 at 12:19:08AM +0600, Артур Истомин wrote:
> No. I wouldn't lift a finger. It is your duty as a developer of "most secure
> OS".
> Do it! Or shut up and stop pretending that OpenBSD in any way secure to use.

Battle rap is off-topic on this mailing list...

Re: freetype vulns

2015-03-07 Thread Артур Истомин
On Sat, Mar 07, 2015 at 01:14:32AM -0700, Theo de Raadt wrote:
> > On Thu, Mar 05, 2015 at 05:52:12PM +, Stuart Henderson wrote:
> > > On 2015/03/05 12:41, Ted Unangst wrote:
> > > > Boudewijn Dijkstra wrote:
> > > > > On Wed, 04 Mar 2015 23:12:07 +0100, Ted Unangst wrote:
> > > >

Re: freetype vulns

2015-03-07 Thread David Coppa
On Sat, Mar 7, 2015 at 7:28 PM, Ted Unangst wrote:
> Or you could start with the linked Ubuntu advisory and try to discover where
> they hide the relevant patches. Heaven forbid they directly link to them,
> somebody might discover Ubuntu is based on open source software.

Here are the patches Ub

Re: freetype vulns

2015-03-07 Thread Ted Unangst
Артур Истомин wrote:
> >
> > Moving to -current is considerably easier.
>
> So, in fact all 5.6's users sitting with vuln freetype in base now. Excellent!

Perhaps I was unclear, so here's a few suggestions, but far be it for me to tell anyone else what to do. You could go through FreeType's com

Re: freetype vulns

2015-03-07 Thread Theo de Raadt
> On Thu, Mar 05, 2015 at 05:52:12PM +, Stuart Henderson wrote:
> > On 2015/03/05 12:41, Ted Unangst wrote:
> > > Boudewijn Dijkstra wrote:
> > > > On Wed, 04 Mar 2015 23:12:07 +0100, Ted Unangst wrote:
> > > > > Freetype (http://www.freetype.org/) 2.5.5 was released a little while

Re: freetype vulns

2015-03-07 Thread Артур Истомин
On Thu, Mar 05, 2015 at 05:52:12PM +, Stuart Henderson wrote:
> On 2015/03/05 12:41, Ted Unangst wrote:
> > Boudewijn Dijkstra wrote:
> > > On Wed, 04 Mar 2015 23:12:07 +0100, Ted Unangst wrote:
> > > > Freetype (http://www.freetype.org/) 2.5.5 was released a little while
> > > > ago,

Re: freetype vulns

2015-03-05 Thread Stuart Henderson
On 2015/03/05 12:41, Ted Unangst wrote:
> Boudewijn Dijkstra wrote:
> > On Wed, 04 Mar 2015 23:12:07 +0100, Ted Unangst wrote:
> > > Freetype (http://www.freetype.org/) 2.5.5 was released a little while ago,
> > > fixing some security vulnerabilities. Actually as I understand it, 2.5.4
> > >

Re: freetype vulns

2015-03-05 Thread Ted Unangst
Boudewijn Dijkstra wrote:
> On Wed, 04 Mar 2015 23:12:07 +0100, Ted Unangst wrote:
> > Freetype (http://www.freetype.org/) 2.5.5 was released a little while ago,
> > fixing some security vulnerabilities. Actually as I understand it, 2.5.4
> > fixed the vulns, then 2.5.5 fixed the fix.
> >
> > Ope

Re: freetype vulns

2015-03-05 Thread Boudewijn Dijkstra
On Wed, 04 Mar 2015 23:12:07 +0100, Ted Unangst wrote:
Freetype (http://www.freetype.org/) 2.5.5 was released a little while ago, fixing some security vulnerabilities. Actually as I understand it, 2.5.4 fixed the vulns, then 2.5.5 fixed the fix. OpenBSD 5.7 will ship with 2.5.5; 5.6 shipped wi

freetype vulns

2015-03-04 Thread Ted Unangst
Freetype (http://www.freetype.org/) 2.5.5 was released a little while ago, fixing some security vulnerabilities. Actually as I understand it, 2.5.4 fixed the vulns, then 2.5.5 fixed the fix. OpenBSD 5.7 will ship with 2.5.5; 5.6 shipped with 2.5.3 and is therefore vulnerable. The changelog for 2.