Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Wed, 9 Jul 2008 01:08:07 +0000
From: The Fungi <fungi@...goth.org>
To: oss-security@...ts.openwall.com
Subject: Re: Major DNS vulnerability announced [CVE Question]

On Tue, Jul 08, 2008 at 04:26:14PM -0800, Jonathan Smith wrote:
> BIND's advisory sounds suspiciously similar (indeed, until you
> sent this email, I didn't even consider that they were different).
[...]

My understanding is that this was a coordinated/embargoed patch
announcement date among several vendors, including both ISC and
Microsoft, the reasons for which will become more apparent when Dan
presents at Black Hat next month.
-- 
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi@...goth.org); IRC(fungi@....yuggoth.org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi@...goth.org);
MUD(fungi@...arsis.mudpy.org:6669); WWW(http://fungi.yuggoth.org/); }

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux