Re: update

[JoeSox <joesox () gmail com>]

Does anyone know if there is official/unofficial vendor/manufacturer list
yet to all their official Vulnerability webpage info?
I thought I saw some when Heartbleed broke out.
--
Later, Joe

On Wed, Sep 24, 2014 at 9:41 PM, Hugo Slabbert <hugo () slabnet com> wrote:

> when do you think the embargo is over?
> >
>
> ref: http://seclists.org/oss-sec/2014/q3/650
>
> "At present, public disclosure is scheduled for Wednesday, 2014-09-24
> 14:00 UTC.  We do not expect the schedule to change, but we may be
> forced to revise it."
>
>  Date: Wed, 24 Sep 2014 15:07:26 -0400
> > From: Jared Mauch <jared () puck nether net>
> > To: Randy Bush <randy () psg com>
> > Cc: North American Network Operators' Group <nanog () nanog org>
> > Subject: Re: update
> > X-Mailer: Apple Mail (2.1985.4)
> >
> > Can I presume you’re talking about the bash CVE-2014-6271?
>
>  Date: Wed, 24 Sep 2014 13:09:19 -0600
> > From: Spencer Gaw <spencerg () frii net>
> > To: Randy Bush <randy () psg com>, North American Network Operators' Group <
> > nanog () nanog org>
> > Subject: Re: update
> > User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101
> > Thunderbird/31.1.1
> >
> > See: http://seclists.org/oss-sec/2014/q3/650
>
> Both are > 2014-09-24 14:00 UTC by my count.  Unless the embargo got
> extended?
>
>
> On Thu 2014-Sep-25 13:05:45 +0900, Randy Bush <randy () psg com> wrote:
>
>  Keeping silent after the embargo is over isn't doing anyone any
> > > favors.
> >
> > when do you think the embargo is over?
> >
> > yes, it got blabbed.  but that does not mean one should be a blabber.
> >
> > randy
>
> --
> Hugo