[Secure-testing-team] Re: Bug#328395: CAN-2005-2801: ext2 ext3
xattr access control bypass
Horms
horms at debian.org
Thu Sep 15 06:19:20 UTC 2005
On Thu, Sep 15, 2005 at 01:38:51PM +0900, Horms wrote:
> On Thu, Sep 15, 2005 at 01:05:41PM +1000, Geoff Crompton wrote:
> > Package: linux-2.6
> > Severity: important
> >
> > Ref http://www.securityfocus.com/bid/14793
> >
> > The kernel team is aware of this issue, and fixes are in the kernel
> > teams svn at svn.debian.org.
> >
> > I created this report so as I couldn't find this issue mentioned in the
> > BTS. Please tag it with security and sarge.
>
> Reporting bugs for problems that are already resolved in SVN
> just creates work, and believe me we have enough of that already.
>
> Security bugs are already being tracked by the testing-security
> team, I think thats a much more workable framework for handling this.
I understand this, and I certainly appreciate your help.
Probably the best way to fix this problem is to set up
automation between the SVN changelogs, what the testing-security
guys are doing, and the BTS (for kernel packages).
--
Horms
More information about the Secure-testing-team
mailing list