Full Disclosure mailing list archives
openssl exploit code
From: Ken () infosec101 org (Ken Pfeil)
Date: Tue, 17 Sep 2002 13:04:51 -0400
Original link: http://www2.computer-zeitung.de/cz/aktuell/artikel/artikel.1027685895.23234. html (Can't find it now) Google's cache (wrapped): http://216.239.39.100/search?q=cache:LTgFtuQJ2SgC:www2.computer-zeitung.de/c z/aktuell/artikel/artikel.1027685895.23234.html+Bugtraq+wird+den+Industrieno rmen+f%C3%BCr+Security-Ver%C3%B6ffentlichungen&hl=en&ie=UTF-8
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Florian Weimer Sent: Tuesday, September 17, 2002 11:22 AM To: hellNbak Cc: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] openssl exploit code hellNbak <hellnbak () nmrc org> writes:Source? URL? Article? I personally would be very surprised if this happened. But stranger things have happened.I've got the following quote from Computerzeitung, but no direct URL: | Bugtraq wird den Industrienormen für Security-Veröffentlichungen | folgen, wie es das heute bereits tut. Es gibt immer Verzögerungen, | sogar bei Bugtraq: Die Sicherheitslücke muss verifiziert und der | Hersteller alarmiert werden. Typischerweise räumt man ihm immer eine | Gefälligkeitszeit ein, um einen Patch zu entwickeln. Diesen Standard | werden wir beibehalten. John Schwarz, Chief Operating Office, Symantec. Approximate translation: Bugtraq will follow the industry norms for security disclosures, like it does now. There are always delays, even with Bugtraq: A security vulnerability has to be verified, and the vendor has to be alarmed. Typically, the vendor gets a grace period to develop a patch. We will keep this standard. (Sorry, English isn't my native tongue.) -- Florian Weimer Weimer () CERT Uni-Stuttgart DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code hellNbak (Sep 16)
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code hellNbak (Sep 16)
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code Blue Boar (Sep 16)
- openssl exploit code Florian Weimer (Sep 17)
- openssl exploit code hellNbak (Sep 17)
- openssl exploit code Florian Weimer (Sep 17)
- openssl exploit code Isaak Bloodlore (Sep 17)
- openssl exploit code Ken Pfeil (Sep 17)
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code Jonathan Rickman (Sep 17)
- openssl exploit code hellNbak (Sep 17)
- openssl exploit code Georgi Guninski (Sep 17)
- openssl exploit code hellNbak (Sep 16)
- openssl exploit code Isaak Bloodlore (Sep 17)
- openssl exploit code hellNbak (Sep 16)
- <Possible follow-ups>
- openssl exploit code Arjen De Landgraaf (Sep 16)
- openssl exploit code Arjen De Landgraaf (Sep 17)