[Bug 1200069] CVE-2015-1464 rt: session hijaking flaw in RSS feed handler
bugzilla at redhat.com
bugzilla at redhat.com
Tue Mar 10 03:40:54 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1200069
--- Comment #4 from Ralf Corsepius <rc040203 at freenet.de> ---
(In reply to Ralf Corsepius from comment #3)
> (In reply to Jason Tibbitts from comment #2)
> > So, I'm playing with a rebase to 4.2.10 and pretty much none of the patches
> > apply. I think several of them are upstream so I'll start tracking them down.
> >
> > But, Ralf, do let me know if you'd rather take care of this yourself.
> Patience, please. I already had an update candidate pending, but as you
> noticed rebasing the patches isn't trivial and requires testing.
Grumble. Tibbs - Would you please take timezones into account before killing my
work?
This CVE churn started at 16-17:00 local time, you sent your notice ~20:00
and commited your patches ~01:00 local-time. What am I supposed to think of
this?
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=X3Vz1IRuOg&a=cc_unsubscribe
More information about the perl-devel
mailing list