Bugtraq mailing list archives
Re: DJB's students release 44 *nix software vulnerability advisories
From: Artem Chuprina <ran () ran pp ru>
Date: Tue, 21 Dec 2004 19:53:35 +0300
D. J. Bernstein -> bugtraq () securityfocus com @ 18 Dec 2004 04:25:11 -0000:
In each case, Professor Bernstein notified the author of the vulnerable package on Dec 15 via e-mail. This mail hit Bugtraq on the 16th, giving one day for vendors to provide fixes.
DJB> Actually, I sent all of these notifications to the public DJB> securesoftware mailing list (http://securesoftware.list.cr.yp.to) DJB> at the same time that I sent them to the authors. It certainly DJB> wasn't my intention to give the authors an extra day of DJB> self-delusion. Was it your intention not to give _users_ of their programs an extra time of not being _widely_ attacked? While you certainly cannot offer them alternative software for their tasks - of your own programs only ezmlm with third-party patches is more than proof of concept. We need software that does the work, not only one that demonstrates that the work can be done in principle. -- Artem Chuprina RFC2822: <ran{}ran.pp.ru> Jabber: ran () jabber ran pp ru
Current thread:
- DJB's students release 44 *nix software vulnerability advisories Thor Larholm (Dec 16)
- Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 17)
- Re: DJB's students release 44 *nix software vulnerability advisories cees-bart (Dec 17)
- Re: DJB's students release 44 *nix software vulnerability advisories Marcin Owsiany (Dec 20)
- Re: DJB's students release 44 *nix software vulnerability advisories security curmudgeon (Dec 17)
- Re: DJB's students release 44 *nix software vulnerability advisories Julian T J Midgley (Dec 20)
- <Possible follow-ups>
- Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 19)
- Re: DJB's students release 44 *nix software vulnerability advisories Artem Chuprina (Dec 21)
- Re: DJB's students release 44 *nix software vulnerability advisories Stephen Samuel (Dec 21)
- Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 22)
- Re: DJB's students release 44 *nix software vulnerability advisories David Eisner (Dec 22)
- Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 22)
- Re: DJB's students release 44 *nix software vulnerability advisories D. J. Bernstein (Dec 23)
- Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 24)
- Message not available
- Re: DJB's students release 44 *nix software vulnerability advisories Crispin Cowan (Dec 23)
- Re: DJB's students release 44 *nix software vulnerability advisories milw0rm Inc. (Dec 21)
- Re: DJB's students release 44 *nix software vulnerability advisories Antoine Martin (Dec 21)