Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 10 Oct 2013 02:41:37 +0000
From: Jeremy Stanley <fungi@...goth.org>
To: oss-security@...ts.openwall.com
Subject: Re: Source of bad password hashing practices? MySQL
 manual...

On 2013-10-09 14:16:27 -0700 (-0700), Chris Palmer wrote:
[...]
> Does anyone know the right MySQL security contact? It isn't
> immediately obvious from a few web searches, but maybe
> secalert_us@...cle.com is right? Making that clear, and maybe
> publishing a PGP key, is another thing they could do...

Their vulnerability reporting contact page
<URL: http://www.oracle.com/us/support/assurance/vulnerability-remediation/reporting-security-vulnerabilities/index.html >
links to an encrypting key
<URL: http://www.oracle.com/technetwork/topics/security/encryptionkey-090208.html?ssSourceSiteId=ocomen >
assuming that's what you're looking for? (I had to get former MySQL
developers to point me to it, as a cursory search wasn't turning up
much for me either.)
-- 
{ PGP( 48F9961143495829 ); FINGER( fungi@...ulhu.yuggoth.org );
WWW( http://fungi.yuggoth.org/ ); IRC( fungi@....yuggoth.org#ccl );
WHOIS( STANL3-ARIN ); MUD( kinrui@...arsis.mudpy.org:6669 ); }

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ