Re: PowerDNS Recursor 3.6.0 can be crashed remotely (CVE-2014-3614)

[Solar Designer <solar () openwall com>]

On Fri, Sep 12, 2014 at 05:14:55PM +0400, Solar Designer wrote:
> Since the issue was already public on the same day, I think it should
> have been posted to oss-security right away, without use of the distros
> list.

I was wrong.  The issue was first brought to the distros list via a
separate message on September 8, two days before public disclosure.
So use of the distros list was appropriate.  The only thing that went
wrong (as far as list policy is concerned) was that on September 10 a
notification wasn't sent to oss-security (but was sent to distros).

Alexander