Second Life Forums Archive - Who to report web bug (exploit?) to?

Void Singer

Int vSelf = Sing(void);

Join date: 24 Sep 2005

Posts: 6,973

10-17-2007 01:38

yeah, not gonna post the bug here, but who takes these?

(and don't say "me" if you aren't a linden)

Stephen Zenith

Registered User

Join date: 15 May 2006

Posts: 1,029

10-17-2007 04:11

According to this page, https://wiki.secondlife.com/wiki/Security_issues exploits need to be sent to security@lindenlab.com .

_____________________

Malachi Petunia

Gentle Miscreant

Join date: 21 Sep 2003

Posts: 3,414

10-17-2007 04:42

From: Stephen Zenith

autoparsing urls by default makes no sense when bbcode is disabled.

yeah, but sometime after December 22, they'll have to turn bbcode back on or issue another statement like the one that expires (http://forums.secondlife.com/announcement.php?f=111) or... umm... just do nothing at all. Never mind.

Nika Talaj

now you see her ...

Join date: 2 Jan 2007

Posts: 5,449

10-17-2007 07:50

Void: I would simply create a new bug in Jira. Search first, tho, to see if it already has been filed.

Jira login:
https://jira.secondlife.com/secure/Dashboard.jspa

See "Create new issue" on the black menu bar near the top.

_____________________

.

To contact forum folks, join the inworld group "The Forum Cartel". New residents with questions about SL more than welcome! We has parties!

To contact forum scripters, join the inworld group "Scriptoratti" (thanks Void!). New scripter questions welcome!

Void Singer

Int vSelf = Sing(void);

Join date: 24 Sep 2005

Posts: 6,973

10-17-2007 12:56

Stephen, thanks... was just too tired to find it

Nika, I'd rather not... if it's exploitable, jira would be like dropping my pet rabbit off in a wolf den... for safe keeping (yes I know the helpful people outnumber the "wolves", but you never really know who's who)

Who to report web bug (exploit?) to?
Void Singer Int vSelf = Sing(void); Join date: 24 Sep 2005 Posts: 6,973	10-17-2007 01:38 yeah, not gonna post the bug here, but who takes these? (and don't say "me" if you aren't a linden)
Stephen Zenith Registered User Join date: 15 May 2006 Posts: 1,029	10-17-2007 04:11 According to this page, https://wiki.secondlife.com/wiki/Security_issues exploits need to be sent to security@lindenlab.com . _____________________
Malachi Petunia Gentle Miscreant Join date: 21 Sep 2003 Posts: 3,414	10-17-2007 04:42 From: Stephen Zenith autoparsing urls by default makes no sense when bbcode is disabled. yeah, but sometime after December 22, they'll have to turn bbcode back on or issue another statement like the one that expires (http://forums.secondlife.com/announcement.php?f=111) or... umm... just do nothing at all. Never mind.
Nika Talaj now you see her ... Join date: 2 Jan 2007 Posts: 5,449	10-17-2007 07:50 Void: I would simply create a new bug in Jira. Search first, tho, to see if it already has been filed. Jira login: https://jira.secondlife.com/secure/Dashboard.jspa See "Create new issue" on the black menu bar near the top. _____________________ . To contact forum folks, join the inworld group "The Forum Cartel". New residents with questions about SL more than welcome! We has parties! To contact forum scripters, join the inworld group "Scriptoratti" (thanks Void!). New scripter questions welcome!
Void Singer Int vSelf = Sing(void); Join date: 24 Sep 2005 Posts: 6,973	10-17-2007 12:56 Stephen, thanks... was just too tired to find it Nika, I'd rather not... if it's exploitable, jira would be like dropping my pet rabbit off in a wolf den... for safe keeping (yes I know the helpful people outnumber the "wolves", but you never really know who's who)

Welcome to the Second Life Forums Archive

Who to report web bug (exploit?) to?