[Bf-committers] Where to discuss (possible) security issues?
kibi at debian.org
Mon May 5 01:32:26 CEST 2008
I'm wondering whether there's a private list/alias where one can discuss
possible security issues, or whether that list would be appropriate.
BTW, while running an analyzer on the sources, I noticed that one:
| strncat(name, s_elem->name, FILE_MAXFILE);
while all other strncat calls are using FILE_MAXFILE-1. Since the patch
is trivial (and the problem found automatically with that flawfinder
tool), I think it's safe to assume there's no real vuln. disclosure
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.blender.org/pipermail/bf-committers/attachments/20080505/15c4e4ce/attachment.pgp
More information about the Bf-committers