* [TUHS] In search of SunOS 4-era security advisory.
@ 2023-01-11 17:11 Dan Cross
2023-01-11 17:27 ` [TUHS] " Alec Muffett
0 siblings, 1 reply; 3+ messages in thread
From: Dan Cross @ 2023-01-11 17:11 UTC (permalink / raw)
To: TUHS
The security vulnerability in question could be briefly summarized as,
"Fortran divide-by-zero gives root." I think that was just a specific
manifestation of the underlying problem, though. More specifically it
was actually due to failure to sanitize state after handling a SIGFPE
(and possibly other signals as well?).
I have a distinct memory of this, but can no longer find any evidence
for it. Did I just make it up from whole cloth, or was this actually a
thing?
- Dan C.
^ permalink raw reply [flat|nested] 3+ messages in thread
* [TUHS] Re: In search of SunOS 4-era security advisory.
2023-01-11 17:11 [TUHS] In search of SunOS 4-era security advisory Dan Cross
@ 2023-01-11 17:27 ` Alec Muffett
2023-01-11 17:30 ` Dan Cross
0 siblings, 1 reply; 3+ messages in thread
From: Alec Muffett @ 2023-01-11 17:27 UTC (permalink / raw)
To: Dan Cross; +Cc: TUHS
[-- Attachment #1: Type: text/plain, Size: 674 bytes --]
https://vuls.cert.org/confluence/plugins/servlet/mobile?contentId=97124523#content/view/97124523
On Wed, 11 Jan 2023, 17:13 Dan Cross, <crossd@gmail.com> wrote:
> The security vulnerability in question could be briefly summarized as,
> "Fortran divide-by-zero gives root." I think that was just a specific
> manifestation of the underlying problem, though. More specifically it
> was actually due to failure to sanitize state after handling a SIGFPE
> (and possibly other signals as well?).
>
> I have a distinct memory of this, but can no longer find any evidence
> for it. Did I just make it up from whole cloth, or was this actually a
> thing?
>
> - Dan C.
>
[-- Attachment #2: Type: text/html, Size: 1140 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* [TUHS] Re: In search of SunOS 4-era security advisory.
2023-01-11 17:27 ` [TUHS] " Alec Muffett
@ 2023-01-11 17:30 ` Dan Cross
0 siblings, 0 replies; 3+ messages in thread
From: Dan Cross @ 2023-01-11 17:30 UTC (permalink / raw)
To: Alec Muffett; +Cc: TUHS
That's it. Thanks, Alec!
On Wed, Jan 11, 2023 at 12:28 PM Alec Muffett <alec.muffett@gmail.com> wrote:
>
> https://vuls.cert.org/confluence/plugins/servlet/mobile?contentId=97124523#content/view/97124523
>
>
>
> On Wed, 11 Jan 2023, 17:13 Dan Cross, <crossd@gmail.com> wrote:
>>
>> The security vulnerability in question could be briefly summarized as,
>> "Fortran divide-by-zero gives root." I think that was just a specific
>> manifestation of the underlying problem, though. More specifically it
>> was actually due to failure to sanitize state after handling a SIGFPE
>> (and possibly other signals as well?).
>>
>> I have a distinct memory of this, but can no longer find any evidence
>> for it. Did I just make it up from whole cloth, or was this actually a
>> thing?
>>
>> - Dan C.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-01-11 17:32 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-11 17:11 [TUHS] In search of SunOS 4-era security advisory Dan Cross
2023-01-11 17:27 ` [TUHS] " Alec Muffett
2023-01-11 17:30 ` Dan Cross
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).