Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Operating Systems Security, "Microsoft Security, baby steps"

From: Mark J Cox <mjc () apache org>
Date: Thu, 18 Mar 2004 11:23:32 +0000 (GMT)
We don't even know how many weeks this bug was in circulation in the
vendor community before that date.


The OpenSSL issues were disclosed to the NISCC by me on February 25th
2004, the NISCC then notified vendors starting on February 26th with the
embargo date of March 17th.  The OpenSSL group had been working with the
Codenomicon test suite since the start of February, but we wanted to make
sure that we'd found all the issues and concluded our testing before we
started the notification process.

Regards,
Mark
--
Mark J Cox ........................................... www.awe.com/mark
Apache Software Foundation ..... OpenSSL Group ..... Apache Week editor




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: