Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 23 Jul 2015 20:43:43 +0200
From: Leif Nixon <nixon@...ator.liu.se>
To: Qualys Security Advisory <qsa@...lys.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser

Qualys Security Advisory <qsa@...lys.com> writes:

> Hello, it is July 23, 2015, 17:00 UTC, the Coordinated Release Date for
> CVE-2015-3245 and CVE-2015-3246.  Please find our advisory below, and
> our exploit attached.

*Why* are you releasing a full exploit just minutes after the patch is
released?

(Disclosure: I am employed by Red Hat, but this is my purely personal question.)

-- 
Leif Nixon
------------------------------------------------------------------------------
"supercomputer specialists are charming, polite [and] witty" -- Wired Magazine
------------------------------------------------------------------------------

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ