From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Reiner Steib <reinersteib+gmane@imap.cc>
Newsgroups: gmane.emacs.devel
Subject: Re: GnuTLS for W32
Date: Sat, 07 Jan 2012 22:03:55 +0100
Message-ID: <87vcongr7o.fsf@marauder.physik.uni-ulm.de>
References: <CAJU7zaKH0NTE7ko6u24gXy9WupsNw+CAvhMdVudzxpXvsY2vig@mail.gmail.com>
	<87hb0b77nr.fsf@lifelogs.com> <8739bvs27m.fsf@wanadoo.es>
	<87ty4b4329.fsf@lifelogs.com> <m3mxa3p5e7.fsf@stories.gnus.org>
	<87hb0b3yoe.fsf@lifelogs.com>
	<6ED011D5-E185-44C6-BB31-A445A4E5F83A@gmail.com>
	<87wr976otx.fsf@lifelogs.com> <E1Rig0X-0005lQ-Pv@fencepost.gnu.org>
	<87ipkq6yy5.fsf@lifelogs.com> <87boqi6tzz.fsf@linux-hvfx.site>
	<87ehve3ul8.fsf@lifelogs.com>
	<CAAeL0SQuSONPtE45A_vQ=5F4x+J3Shv8AvYOG3woYgqz7_7Q9g@mail.gmail.com>
	<87lipl22xm.fsf@lifelogs.com>
	<CAAeL0SQS8e1zwsj_UUzkbazBHt534e8WVCJ4Row__R4uRn8wXg@mail.gmail.com>
	<87boqh20ha.fsf@lifelogs.com>
	<CAAeL0SSO7JA3QRYYWg6uOUkWsk87BoyZd9JQd4RLjD9yprq=YQ@mail.gmail.com>
	<877h151x01.fsf@lifelogs.com>
	<CAAeL0SQ4CwjfqP6_6e96VMavKZUg74c6FruN=rk=PuZhJfjctQ@mail.gmail.com>
	<87y5tkzzwp.fsf@lifelogs.com>
	<CAAeL0ST76Y75d21LUmagRp3yJHaauLOJeNU9xhTPM_ou7WJfBA@mail.gmail.com>
Reply-To: Reiner Steib <Reiner.Steib@gmx.de>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Trace: dough.gmane.org 1325970441 17444 80.91.229.12 (7 Jan 2012 21:07:21 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Sat, 7 Jan 2012 21:07:21 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sat Jan 07 22:07:17 2012
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1RjdTx-0007Ok-Ky
	for ged-emacs-devel@m.gmane.org; Sat, 07 Jan 2012 22:07:17 +0100
Original-Received: from localhost ([::1]:50585 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1RjdTx-0000mb-0a
	for ged-emacs-devel@m.gmane.org; Sat, 07 Jan 2012 16:07:17 -0500
Original-Received: from eggs.gnu.org ([140.186.70.92]:57103)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjdTu-0000mT-N4
	for emacs-devel@gnu.org; Sat, 07 Jan 2012 16:07:15 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjdTt-0000kv-10
	for emacs-devel@gnu.org; Sat, 07 Jan 2012 16:07:14 -0500
Original-Received: from lo.gmane.org ([80.91.229.12]:46655)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjdTs-0000kX-EC
	for emacs-devel@gnu.org; Sat, 07 Jan 2012 16:07:12 -0500
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1RjdTp-0007Mr-HW
	for emacs-devel@gnu.org; Sat, 07 Jan 2012 22:07:09 +0100
Original-Received: from p5481f804.dip.t-dialin.net ([84.129.248.4])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Sat, 07 Jan 2012 22:07:09 +0100
Original-Received: from Reiner.Steib by p5481f804.dip.t-dialin.net with local (Gmexim
	0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Sat, 07 Jan 2012 22:07:09 +0100
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 27
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: p5481f804.dip.t-dialin.net
X-Face: #vK]N[`vqjuod*|)'[iD7/"3AB-A<O>pT%fmN"LWAg@oS7OesGv~)n[OBTLM#I="J'Y^-7I
	I/ps7o_'IK@#-Rs{::DZ@O8yS|fexe,XslY[:dNWOb~>?mC-&i_c)say:"\IpA.5U.b]'NY;
	Pks{lb h.+#6%DpZuaK3dcHB`Av3zc:r!C%~s0&m, tWj]&},
	qg.+0ww2gK%f!:GK|wMl.I!(voY*1"^li8"~B BNG)9LvPi?^DMR-GVDnZqhu*3Hi,
	+g=wFhI)BL6&u{EOVEHjVEVq~d?_}lMntWAc3(6?kftjc>_f>!
	g0wM(qPM$d5]^TT_Qyi&L?LGVG)SHN;Gk/,pkY9,~
Mail-Copies-To: nobody
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux)
Cancel-Lock: sha1:7TQGAir+6OtP1ZlwWnmjItY+X+I=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:147459
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/147459>

On Fri, Jan 06 2012, Juanma Barranquero wrote:

> 2012/1/6 Ted Zlatanov <tzz@lifelogs.com>:
>
>> The intention is to do whatever is appropriate on the platform to let
>> the user know they need to update and make the update easy.
>
> There's no single, general definition of "appropriate".
>
>> I'm not.  The risk is not worth the effort with image libraries.
>
> I don't understand why. Buffer overruns exploited through
> carefully-crafted images have been used before. 

yes, see e.g. CVE-2011-0408, http://www.kb.cert.org/vuls/id/388984,
http://www.google.com/search?q=libpng+arbitrary+code+execution

> I would fear that (as a vector for malware) much more than someone
> eavesdropping my communications.

I agree.

Bye, Reiner.
-- 
       ,,,
      (o o)
---ooO-(_)-Ooo---  |  PGP key available  |  http://rsteib.home.pages.de/