Am 2016-05-15 um 08:53 schrieb Paul Wise:
On Fri, May 13, 2016 at 8:12 PM, Elmar Stellnberger wrote:
Hi! Would anyone mind to re-post the following bug reports at
https://savannah.gnu.org/bugs/?
That URL gives a 404 message.
Unfortunately my email program seems having stripped the end of that
URL; the right URL is:
https://savannah.gnu.org/bugs/?group=grub
* https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23498
* https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23490
* https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23496
* https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23497
Apparently these are all not bugs and won't be fixed?
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=23498;msg=9
These bugs are real issues and need re-posting! They have in deed
been closed because they were filed against the wrong place. Do not get
irritated by the on-close flags; the number of available flags is limited.
How could anyone ignore a flagrant issue like a gzip-buffer-overrun?
Not only Grub but the whole web depends on gzip decompression. This is a
yet widely overlooked but still dangerous attack vector!
