Older blog entries for bcollins (starting at number 1)

Bummer, some major /tmp races found in OpenLDAP by RHAT, and narry a single post on the OpenLDAP lists about it. This is the second time I've seen Christian Gafton find a serious security hole in a program, and post the vulnerability, but not give feedback to the upstream.

The last time was in Linux-PAM. The sad part with that was that the section of code where the problem was, came FROM Gafton himself! Andrew Morgan (the Linux-PAM author) was quite surprised to find out about a RHAT vulnerability announcement from a Debian developer :/

Such is life, not everyone is as great as yourself :)

Spent some time with my 3 year old and wife (who is expecting in Aug :) today. Getting ready for Easter and all....and now it's time for bed.

Well, after finishing some work for my job, I settled into to some more mailing list coding for lists.debian.org. Now that it is all VERPified, I decided it would be a good idea to take some simple anti-spam measures. I'm tossing around the idea of disallowing submissions to the list unless a @.*debian.org address is one of the recipients. Looks like it will have some good results.

I'll be working on my own packages tonight (openldap, shadow, and PAM) to squash the remaining bugs before release. I've been putting it off until close to release to make sure everything has settled in properly.

(can't wait till my homebrew DSL gets running, 28.8k sucks)

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!