| *** blarnath is now known as d34dh0r53 | 13:13 | |
| fungi | d34dh0r53: i haven't seen any concerns raised with your impact description on https://launchpad.net/bugs/1981813 so we should probably work on submitting the cve request to mitre when you have a free moment | 14:30 |
|---|---|---|
| fungi | gagehugo: prometheanfire: dmendiza[m]: https://launchpad.net/bugs/1980954 has a one-line fix merged to the master branch of swift and is almost certainly backportable. can you take a look at the bug report and weigh in on whether you think the risk is sufficient to warrant publishing a security advisory? | 14:32 |
| fungi | d34dh0r53: ^ you too | 14:33 |
| gagehugo | fungi: I could see an advisory being published for that | 14:56 |
| fungi | there's still an outstanding question as to whether we need both changes or just the first one in order to address any vulnerability there, but once that's settled we can probably start work on preparing an advisory for it | 14:57 |
| prometheanfire | I feel like maybe no, it's not difficult to exploit but it's also easy to remediate via monitoring | 15:03 |
| fungi | yeah, resource consumption based denial of service has always been a grey area | 15:52 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!