oss-sec mailing list archives

Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code

From: Kurt Seifried <kseifried () redhat com>
Date: Sun, 05 Oct 2014 20:23:13 -0600



On 05/10/14 01:48 PM, Sona Sarmadi wrote:

A while ago I sent a membership request to the closed vendor list and was denied by you & Kurt :) which was 
understandable since we were not ready at that time. After that we have worked hard to create a security team and 
build in-house security competence. We have been looking at security tests and tools, define a security incident 
management processes, create security checklist, we have been tracking all security vulnerabilities. As part of our 
security process we have insured that our bug tracking system has in-built security so sensitive/embargoed 
information can be kept confidential.


To be clear I'm not a list admin or in control of it in any way shape or
form (at least that I'm aware of, Solar if I am in charge you should
probably let me know ;). I simply voiced concerns (e.g. lack of security
advisories/etc.

-- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code, (continued)
- - - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Jose R R (Oct 06)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code David A. Wheeler (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Rob Fuller (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code David A. Wheeler (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 05)
    - RE: Shellshocker - Repository of "Shellshock" Proof of Concept Code Sona Sarmadi (Oct 05)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Kurt Seifried (Oct 05)
    - RE: Shellshocker - Repository of "Shellshock" Proof of Concept Code Sona Sarmadi (Oct 06)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 06)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code mancha (Oct 06)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 07)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code mancha (Oct 07)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Solar Designer (Oct 07)
    - Re: Shellshocker - Repository of "Shellshock" Proof of Concept Code Chet Ramey (Oct 07)
    - Re: Aftershock (was: Shellshocker - Repository of "Shellshock" Proof of Concept Code) mancha (Oct 08)
    - Re: Aftershock Chet Ramey (Oct 09)
    - RE: Shellshocker - Repository of "Shellshock" Proof of Concept Code Sona Sarmadi (Oct 07)

(Thread continues...)