Brad Fitzpatrick (brad) wrote,
Brad Fitzpatrick
brad

Programming error

If you look at security.debian.org's recent advisories:
[10 Jul 2005] DSA-745 drupal
    input validation errors
[08 Jul 2005] DSA-744 fuse
    programming error          <-------- heh
[08 Jul 2005] DSA-743 ht
    buffer overflows, integer overflows
[07 Jul 2005] DSA-742 cvs
    buffer overflow
[07 Jul 2005] DSA-741 bzip2
    infinite loop 

Aren't input validation errors, buffer/integer overflows, and infinite loops also programming errors?

I'm really curious exactly what fuse's problem is. The detailed view just says:

Sven Tantau discovered a security problem in fuse, a filesystem in userspace, that can be exploited by malicious, local users to disclose potentially sensitive information.

(the diff, for those curious)
Tags: tech
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 4 comments