oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Source of bad password hashing practices? MySQL manual...

From: Jeremy Stanley <fungi () yuggoth org>
Date: Thu, 10 Oct 2013 02:41:37 +0000
On 2013-10-09 14:16:27 -0700 (-0700), Chris Palmer wrote:
[...]

Does anyone know the right MySQL security contact? It isn't
immediately obvious from a few web searches, but maybe
secalert_us () oracle com is right? Making that clear, and maybe
publishing a PGP key, is another thing they could do...


Their vulnerability reporting contact page
<URL: 
http://www.oracle.com/us/support/assurance/vulnerability-remediation/reporting-security-vulnerabilities/index.html >
links to an encrypting key
<URL: http://www.oracle.com/technetwork/topics/security/encryptionkey-090208.html?ssSourceSiteId=ocomen >
assuming that's what you're looking for? (I had to get former MySQL
developers to point me to it, as a cursory search wasn't turning up
much for me either.)
-- 
{ PGP( 48F9961143495829 ); FINGER( fungi () cthulhu yuggoth org );
WWW( http://fungi.yuggoth.org/ ); IRC( fungi () irc yuggoth org#ccl );
WHOIS( STANL3-ARIN ); MUD( kinrui () katarsis mudpy org:6669 ); }
Previous By Date Next
Previous By Thread Next

Current thread: