oss-sec mailing list archives

Re: Linux BlueBorne vulnerabilities

From: Solar Designer <solar () openwall com>
Date: Fri, 15 Sep 2017 14:31:25 +0200

On Fri, Sep 15, 2017 at 12:28:11PM +0000, Ben Seri wrote:

Our thought is that since these issues affect multi vendors that are using
Linux, the longer the embargo period, the better chance there is a
coordinated patch goes out to as many users as possible once the embargo is
lifted.


Indeed, but it's 2017, not 1997.  14 days is considered a long embargo
period now.  Unnecessarily long embargoes hurt more than they help.

Alexander

Current thread:

Linux BlueBorne vulnerabilities Armis Security (Sep 13)
- Re: Linux BlueBorne vulnerabilities Petr Matousek (Sep 14)
  - Re: Linux BlueBorne vulnerabilities Armis Security (Sep 14)
    - Re: Linux BlueBorne vulnerabilities Solar Designer (Sep 14)
    - Re: Linux BlueBorne vulnerabilities Ben Seri (Sep 15)
    - Re: Linux BlueBorne vulnerabilities Solar Designer (Sep 15)
    - Re: Linux BlueBorne vulnerabilities Ben Seri (Sep 15)
    - Re: Linux BlueBorne vulnerabilities Solar Designer (Sep 27)
- Re: Linux BlueBorne vulnerabilities Solar Designer (Sep 14)