[11201] in bugtraq
Re: [linux-security] [RHSA-1999:023-01] Potential security
daemon@ATHENA.MIT.EDU (Miguel de Icaza)
Fri Jul 30 21:45:26 1999
Message-Id: <199907292356.SAA27035@erandi.nuclecu.unam.mx>
Date: Thu, 29 Jul 1999 18:56:12 -0500
Reply-To: Miguel de Icaza <miguel@GNU.ORG>
From: Miguel de Icaza <miguel@GNU.ORG>
X-To: davids@webmaster.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <000c01beda1c$66db2550$021d85d1@youwant.to> (davids@webmaster.com)
> > Give people a chance to upgrade Gnumeric and I will happilly share the
> > information with bugtraq (if someone does not read the 10 diffs in the
> > meantime).
>
> I understand your intentions, but I don't think they make any sense.
I do not understand what do you mean. Why do you say it does not make
sense to try (only try) to protect users by not disclosing the
information now?
You can trust me in the meantime. Hey, if you are running Gnumeric
currently you are already trusting me ;-)
I will disclose all information after people have had a chance to
upgrade their Gnumerics.
Btw, Dax Kelson keeps the very latest and greatest RPMs of GNOME in
his ftp site. His version (0.31) not only has the hole fixed, but it
also contains the printing support for gnumeric (ftp.gurulabs.com).
So, there it goes, another reason to upgrade to 0.31 :-)
best wishes,
Miguel.
