[14407] in bugtraq
Re: gpm-root
daemon@ATHENA.MIT.EDU (ADAM Sulmicki)
Fri Mar 24 03:46:48 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.21.0003221831440.14564-100000@chia.umiacs.umd.edu>
Date: Wed, 22 Mar 2000 18:35:53 -0500
Reply-To: ADAM Sulmicki <adam@CFAR.UMD.EDU>
From: ADAM Sulmicki <adam@CFAR.UMD.EDU>
X-To: egmont@FAZEKAS.HU
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000322182143.4498.qmail@securityfocus.com>
> I've sent report about the following security hole to the
> authors of gpm, but they seemed to ignore the problem. The
> problem applies to every gpm version known by me, for
> example 1.18.1 and 1.19.0.
Well, if you would check README in 1.19.0 version, you would notice
following fragment:
=========== MAINTAINANCE
As of 1.19.0, gpm is officially unmaintained. I can't do it any more,
and nobody expressed interest in it.
So I don't think it is fair to blame someone who spent a great deal of
their time doing gpm and has just quit it. Instead of blaming them
how about making up a patch and telling everybody "here's a patch
which fixes this problem".
FWIW,
Adam
