| | <<<Back 1 day (to 2017/05/18) | 20170519 |
| bperry | hi I sent an email to gs-devel@ghostscript.com on tuesday | 12:53.19 |
| | I don't see it in the archive and haven't gotten a response | 12:53.32 |
| | do you need to be subbed to the list in order to post to it? | 12:53.43 |
| kens | Not certain, but I would expect so | 12:54.15 |
| | Your email has not been posted to the list so I expect mailman ate it | 12:54.28 |
| bperry | I will retry, i've subbed since I sent the original email | 12:54.53 |
| kens | Or you can simply ask here | 12:55.05 |
| bperry | I have many crashes in gxps and jbig2dec, some of which are likely going to be security sensitive | 12:55.43 |
| | A) it's a lot and B) I don't think posting some of them on a public bug tracker is cool without explicit permission | 12:56.12 |
| | so not sure where to report | 12:56.18 |
| kens | Then you should report them as bugs. Please ensure you are testing with the current HEAD from our Git repository | 12:56.19 |
| bperry | I was testing latest stable release | 12:56.37 |
| | I will test against master | 12:56.41 |
| kens | That wold be best there have been numerous fixes | 12:56.55 |
| bperry | cool that's good | 12:57.06 |
| kens | At least 6 in jbig2dec that I cna think os since the last release | 12:57.08 |
| bperry | I think I had 10 | 12:57.37 |
| | gxps was significantly more... | 12:58.15 |
| | I deduped as best I could | 12:58.25 |
| kens | Well now would be a good time to post them, I don;t htink we have any outstanding issues currently with jbig2dec | 12:58.30 |
| | OTOH Iits not my product so I could be mistaken | 12:58.42 |
| bperry | my concern is where to post them | 12:58.55 |
| kens | Once you've confirmed bugs reproduce in current code, just open bug reports. For any you think security related please open with the 'Security' product and mention the actual product in the comments. We'll need a specimen file and a command line to reproduce problems | 12:59.48 |
| bperry | sure | 13:00.12 |
| kens | Anything with the 'Security' product is private, it is only avialable to members of the 'Security' group and (of course) the original poster | 13:00.21 |
| bperry | I just wanted to make sure bug tracker was OK | 13:00.24 |
| | ok good | 13:00.27 |
| | that's what I wanted to know | 13:00.32 |
| | thanks | 13:00.34 |
| kens | Yeah that's new, we're trying to do a better job there | 13:00.45 |
| bperry | I'll see if I can get them done this weekend | 13:00.47 |
| | it wasn't easy to find this | 13:00.59 |
| | this info* | 13:01.03 |
| | maybe updating the site with it would help a bit | 13:01.11 |
| kens | THe security stuff is really new, like in the last few weeks, we're still working it out | 13:01.26 |
| bperry | np at all | 13:01.35 |
| kens | Don't really want to put stuff on the web site which is still subject to change to be honest | 13:01.57 |
| | Normally we don't get many security reports, but there seems to have been something of a deluge recently | 13:02.14 |
| | Forward 1 day (to 2017/05/20)>>> | |
Log of #ghostscript at irc.freenode.net.