[erlang-patches] patch for CVE-2008-2371

Kenji Rikitake <>
Fri Feb 12 16:22:31 CET 2010


For "security advisories": I suggest the Erlang/OTP team to review the
operating system advisories available on the net.  It's not about
guaranteeing something, but the developers of software generally wants
an abridged or summarized statements for bugs like:

  The bug itself
  Symptoms
  Workarounds
  How it might affect to related software
  How it will be fixed (or not)

FreeBSD Security Advisory might be a good starting point.
http://www.freebsd.org/security/advisories.html

(Not all people have enough time to read through the source code
 and experiment.  Unfortunately I'm one of those lazy ones too.)

Regards,
Kenji Rikitake

In the message <>
dated Fri, Feb 12, 2010 at 08:36:50AM +0100,
Kenneth Lundin <> writes:
> I don't really understand what you mean with "policy on security
> advisories". Please explain more
> I really want to learn if we have missed something important.


More information about the erlang-patches mailing list