oss-sec mailing list archives

Re: The Bind incident

From: Eugene Teo <eugene () redhat com>
Date: Thu, 07 Jul 2011 17:15:36 +0800

On 07/07/2011 03:09 AM, Barry Greene wrote:

Hi Eugene,

Yes, we worked hard to contain disclosure process. Politics took over. We will put factors in place for the next 
security advisory cycle to remediate so it does not happen again.

Thanks,


Thanks Barry.

Eugene

Barry

On Jul 5, 2011, at 4:21 AM, Eugene Teo wrote:

(Cc'ed the ISC folks)

On 07/05/2011 07:17 PM, Eugene Teo wrote:

You might have read about AusCert's accidental disclosure of the ISC
Bind advisories today. If you have more information about this, please
share. AFAICS, the bind source packages are still not available at the
ISC website.

https://bugzilla.redhat.com/CVE-2011-2464
https://bugzilla.redhat.com/CVE-2011-2465
http://risky.biz/auscert-bind
http://pastebin.com/9NUt8Pk0

Thanks, Eugene

Current thread:

The Bind incident Eugene Teo (Jul 05)
- Re: The Bind incident Eugene Teo (Jul 05)
  - Re: The Bind incident Barry Greene (Jul 06)
    - Re: The Bind incident Eugene Teo (Jul 07)
- Re: The Bind incident Solar Designer (Jul 05)
  - Re: The Bind incident Mike O'Connor (Jul 06)
    - Re: The Bind incident Florian Weimer (Jul 06)