[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GnuTLS for W32

From: Reiner Steib
Subject: Re: GnuTLS for W32
Date: Sat, 07 Jan 2012 22:03:55 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux)

On Fri, Jan 06 2012, Juanma Barranquero wrote:

> 2012/1/6 Ted Zlatanov <address@hidden>:
>> The intention is to do whatever is appropriate on the platform to let
>> the user know they need to update and make the update easy.
> There's no single, general definition of "appropriate".
>> I'm not.  The risk is not worth the effort with image libraries.
> I don't understand why. Buffer overruns exploited through
> carefully-crafted images have been used before. 

yes, see e.g. CVE-2011-0408, http://www.kb.cert.org/vuls/id/388984,

> I would fear that (as a vector for malware) much more than someone
> eavesdropping my communications.

I agree.

Bye, Reiner.
      (o o)
---ooO-(_)-Ooo---  |  PGP key available  |  http://rsteib.home.pages.de/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]