The Revenge of Buffer Overflows
    Alejandro Tejada 
    capellan2000 at gmail.com
       
    Wed Apr  9 17:58:47 EDT 2014
    
    
  
Richard Gaskin wrote
> Scott Raney's opinion on buffer overflows:
> <https://www.mail-archive.com/
> metacard at .runrev
> /msg02659.html>
Many thanks for posting this message from Scott Raney.
>From this message, I found the Top 25 software errors:
http://www.sans.org/top25-software-errors/
And Buffer Overflows is at the top in his category:
Risky Resource Management
http://cwe.mitre.org/top25/index.html#CWE-120
This incident just generates more questions:
Who made this specific change in the OpenSSL code?
Did he actually knew the consequences of the
changes that he committed?
Why nobody else noticed, until now?
Who knows what evil lurks in the source of trusted software?
Al
--
View this message in context: http://runtime-revolution.278305.n4.nabble.com/The-Revenge-of-Buffer-Overflows-tp4678133p4678137.html
Sent from the Revolution - User mailing list archive at Nabble.com.
    
    
More information about the use-livecode
mailing list