[MPlayer-DOCS] MPlayer security bugreport

Ivan Kalvachev ikalvachev at gmail.com
Tue Apr 11 23:16:28 CEST 2006


2006/4/9, Reimar Döffinger <Reimar.Doeffinger at stud.uni-karlsruhe.de>:
> Hi,
> On Sun, Apr 09, 2006 at 01:05:32PM +0300, Ivan Kalvachev wrote:
> > +In case you have found exploitable bug and you would like to do the right thing
>
> "found an exploitable..."
>
> > +advisory at <ulink url="mailto:security at mplayerhq.hu"/>.
>
> IMHO the address should appear outside the link tag as well.
>
> > +Be sure that your report contains compleate and detailed analisys of the bug.
>
> complete, analysis
>
> > +Sending fix is highly appresiated.
>
> appreciated

Yeh, I knew the spell checker might not be working, as it didn't get
any misspells ;)

>
> > +Pleace don't delay your report to write proof-of-concept exploit, you can send that one with another mail.
> > +Sending casual bugreports about non-exploitable and non-confirmed bugs will not be tolerated!
>
> That's IMHO a bit too harsh. We can still flame people in secret when
> they do this *g*. Or add this paragraph when there is a significant
> number of bad reports to justify it.

Indeed, after reading it second time, I also find it different than my intent.
My purpose was to avlid causal bugreports from the sort "this doesn't work" ...

reimar, poirierg thank you for your help.




More information about the MPlayer-DOCS mailing list