[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] owning ubuntu apt-key net-update (maybe apt-get update related)
- To: GloW - XD <doomxd@xxxxxxxxx>
- Subject: Re: [Full-disclosure] owning ubuntu apt-key net-update (maybe apt-get update related)
- From: Georgi Guninski <guninski@xxxxxxxxxxxx>
- Date: Fri, 23 Sep 2011 18:00:29 +0300
On Fri, Sep 23, 2011 at 06:32:10AM +1000, GloW - XD wrote:
> So, this is an exploit then ? Or just a broken package ? Some people would
> simply not understand that,your very techy :P
> Anyhow, making a small .sh file for the bug would be cool.. if there is a
> bug to be had.
> cheers
>
>
hi GloW,
the bug appears real to me. ubuntu released an advisory [1]
and debian have a bug [2].
ubuntu's advisory moderately hurt my narcissistic ego
by not mentioning my humble name :(
i suppose they have a corporate policy to give credit to "whores only"
(this might be checked by examining which distros give credit
and which write ``it was discovered'')
as a minor boost to my narcissistic ego, ubuntu's advisory
didn't contain CVE(R) ID :)
next time ubuntu hurt my narcissistic ego, i will try the black market for the
bug.
[1]
https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001424.html
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
--
joro
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/