SQLite vulnerability
Robert Simmons
rsimmons0 at gmail.com
Mon Dec 17 08:37:16 UTC 2018
Since you may not read that essay on open source software, here is the
salient point for you:
- For users: remember when filing an issue, opening a pull request or
making a comment on a project to be grateful that people spend their free
time to build software you get to use for free. Keep your frustrations and
non-actionable negativity to yourself (or at least offline and out of
earshot). Don’t expect anyone to fix your issues or help you if you’re
unwilling to dedicate more time to helping yourself than you ask of others.
This means reading all the documentation and trying to resolve your own
issues before ever asking for any help.
On Sun, Dec 16, 2018, 16:42 Roger Marquis <marquis at roble.com wrote:
> Thanks to Chrome{,ium} a recently discovered SQLite exploit has been all
> over the news for a week now. It is patched on all Linux platforms but
> has not yet shown up in FreeBSD's vulxml database. Does this mean:
>
> A) FreeBSD versions prior to 3.26.0 are not vulnerable, or
>
> B) the ports-secteam is not able to properly maintain the vulnerability
> database?
>
> If the latter perhaps someone from the security team could let us know
> how such a significant vulnerability could go unflagged for so long and,
> more importantly, what might be done to address the gap in reporting?
>
> Roger Marquis
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org
> "
>
More information about the freebsd-security
mailing list