[security] Safari problem
Martin Atkins
mart at degeneration.co.uk
Wed Mar 28 19:19:37 UTC 2007
gaz_sec at hushmail.com wrote:
>
> Hi everyone
>
> I am going to delay the release of my exploit by another week as
> there are 2 OpenID servers which have not patched this
> vulnerability yet.
>
I note that the Net::OpenID Perl libraries maintained by Brad
Fitzpatrick and used on LiveJournal have not been patched yet. Does this
vulnerability affect LiveJournal's implementation?
If so, have you already informed Brad? I may also be able to prepare and
commit a patch for those libraries myself if you disclose the flaw to me
privately.
More information about the security
mailing list