I mostly spent last week continuing to work on tickets in the security queue. As I said last time: > There's quite a lot of tickets in the security queue due to fuzzing, where > if the fuzzer detects a use-after-free or buffer overrun for example, the > reporter submits it to the security queue rather than the normal queue. > Once examined, 95% of the time it will be found to be harmless or > non-exploitable, but until someone has assessed and fixed it, it lingers > as an open security ticket. 2017/02/06 1:15 process p5p mailbox 0:30 review security tickets 3:57 RT #129861 heap-use-after-free S_mro_gather_and_rename 2017/02/07 0:45 process p5p mailbox 3:53 RT #130727 S_maybe_multideref: Assertion failed 1:00 RT #129861 heap-use-after-free S_mro_gather_and_rename 2017/02/08 0:07 process p5p mailbox 2:42 RT #129861 heap-use-after-free S_mro_gather_and_rename 2017/02/10 0:48 process p5p mailbox 2:50 RT #129881 heap-buffer-overflow Perl_pad_sv 2017/02/11 2:02 RT #129881 heap-buffer-overflow Perl_pad_sv SUMMARY: 7:39 RT #129861 heap-use-after-free S_mro_gather_and_rename 4:52 RT #129881 heap-buffer-overflow Perl_pad_sv 3:53 RT #130727 S_maybe_multideref: Assertion failed 2:55 process p5p mailbox 0:30 review security tickets ------ 19:49 TOTAL (HH::MM) -- Never do today what you can put off till tomorrow.Thread Next