Re: CVE-2017-14482 - Red Hat Customer Portal

From: Óscar Fuentes
Subject: Re: CVE-2017-14482 - Red Hat Customer Portal
Date: Sat, 23 Sep 2017 14:53:36 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux)

(Charles A. Roelli) writes:

> The code that caused CVE-2017-14482 (aka Bug#28350) was 100% correct.
> It was also far too powerful, so its behavior had to be properly
> limited.

The two sentences above are contradictory.

> There is no way to find such a "bug" without reading the
> code and trying to understand its use.

Maybe, in the Elisp case, this is true, but not in the general case.

