lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev FWD: www.infilsec.com - Bugs: lynx tempfile predictable


From: Klaus Weide
Subject: Re: lynx-dev FWD: www.infilsec.com - Bugs: lynx tempfile predictable
Date: Fri, 1 Jan 1999 12:01:11 -0600 (CST)

On Fri, 1 Jan 1999, Philip Webb wrote:

> 981231 Leonid Pauzner wrote: 
> >> Subject: Infilsec - Bugs: lynx tempfile predictable
> >> X-URL: http://www.infilsec.com/cgi-infilsec/if?action=generate&key=00059
> > Why not avoiding symlinks at /tmp/ or this was fixed long ago?
> 
> this was cured for 2-8 , ie by 980301.
> 
> >>    Infilsec
> >>    lynx tempfile predictable
> >>    Record Created: Wed Dec 30 16:25:49 1998
> >>    Last Modified: Wed Dec 30 16:25:49 1998
> >> all versions of Lynx (tested on 2.7.1, Linux)
> 
> NB: it would be very irresponsible of Infilsec to advertise a bug
> without making certain they were using the latest version of the software
> (subjunctive mood intentional). 

The dates are broken.  "Record Created" and "Last Modified"
actually always show the current time.  That gives the false
impression that all these bug reports are new, when in fact
they may be years old.

I submitted a change via their "Modify Vulnerability" link; supposedly
"This will be reviewed before admission to the database"; we'll see
whether anybody is at home.

    Klaus

reply via email to

[Prev in Thread] Current Thread [Next in Thread]