Wednesday·04·October·2006
Mailing lists made my day //at 13:58 //by abe
from the ROTFLBTC dept.
Today actually two mailing lists made my day:
First Theo de Raadt’s mail to the FreeBSD security mailing list:
Date: Mon, 02 Oct 2006 14:00:11 -0600 From: Theo de Raadt <deraadt@cvs.openbsd.org> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:22.openssh Message-ID: <200610022000.k92K0B5P009759@cvs.openbsd.org> > The OpenSSH project believe that the race condition can lead to a Denial > of Service or potentially remote code execution ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Bullshit. Where did anyone say this? Why don't you put people in charge who can READ CODE, and SEE THAT THIS IS ABSOLUTE BULLSHIT.
and Colin Percival’s dry reply pointing out who made the “ABSOLUTE BULLSHIT”:
Date: Mon, 02 Oct 2006 14:25:05 -0700
From: Colin Percival <cperciva@freebsd.org>
To: Theo de Raadt <deraadt@cvs.openbsd.org>
Cc: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:22.openssh
Message-ID: <452183B1.7000306@freebsd.org>
Theo de Raadt wrote:
>> The OpenSSH project believe that the race condition can lead to a Denial
>> of Service or potentially remote code execution
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Bullshit. Where did anyone say this?
The OpenSSH 4.4 release announcement says that, actually:
* Fix an unsafe signal hander reported by Mark Dowd. The signal
handler was vulnerable to a race condition that could be exploited
to perform a pre-authentication denial of service. On portable
OpenSSH, this vulnerability could theoretically lead to
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
pre-authentication remote code execution if GSSAPI authentication
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
is enabled, but the likelihood of successful exploitation appears
remote.
Colin Percival
Well, looks like an exquisite own goal. (Found by Squeeeez.)
Then, _rene_ cited a mail from the current Debian Project Leader Anthony Towns on debian-devel in #debian.de, who thought that »Switzerland was some foreign word meaning “snowy place”«:
Date: Tue, 3 Oct 2006 15:52:38 +1000 Subject: Re: Bits from the DPL: Looking forward From: Anthony Towns <aj@azure.humbug.org.au> Message-ID: <20061003055238.GA4841@azure.humbug.org.au> On Tue, Oct 03, 2006 at 03:39:20PM +1000, Anthony Towns wrote: > BSPs in Vienna (Switzerland) [3], I was assuming, of course, that "Switzerland" was some foreign word meaning "snowy place", but apparently it's actually a country all of its own, entirely separate to Austria... On Tue, Oct 03, 2006 at 03:43:52PM +1000, Anthony Towns wrote: > (b) Firmware vote > proposal, as amended by Manon Srivastava (Message-id: And while _Manon des sources_ might've been a neat French film, I don't think it's actually got all that much to do with Manoj... Cheers, aj
And contrary to the usual biases, this geographic unawareness comes from Australia (which is unequal to Austria ;-) and not from the US. :-)
Guys, you all made my day. Kind regards from a currently not so snowy
snowy place. :-)
Filed under:
Blogging is futile » English » Computer »
Tagged as: #debian.de, Australien, Caps-Lock, Debian, Eigentor, Made my day, OpenBSD, OpenSSH, Rant, ROTFL, Schadenfreude, Schweiz, USA, Vorurteil, Österreich
// show without comments // write a comment
Tagged as: #debian.de, Australien, Caps-Lock, Debian, Eigentor, Made my day, OpenBSD, OpenSSH, Rant, ROTFL, Schadenfreude, Schweiz, USA, Vorurteil, Österreich
// show without comments // write a comment
