Why that? Do you really think that a bug that enables all users on a
machine to see the encrypted passwords of other users is not a
security violation and that a solution is only on the wishlist?
I was informed that in my patch, there are missing parantheses near
free result. Obviously, I sent an obsolete version of the patch. Now, I
have attached the version that I really used to successfully compile
the package.
Hello,
On Tue, 05 Jan 2010 21:03:47 -0000
Kees Cook <email address hidden> wrote:
> Yes, please open an upstream report.
I did that yesterday.
> ** Changed in: glibc (Ubuntu)
> Importance: Undecided => Wishlist
Why that? Do you really think that a bug that enables all users on a
machine to see the encrypted passwords of other users is not a
security violation and that a solution is only on the wishlist?
I was informed that in my patch, there are missing parantheses near
free result. Obviously, I sent an obsolete version of the patch. Now, I
have attached the version that I really used to successfully compile
the package.
Regards
Christoph