Date: Wed, 21 Dec 2016 12:59:52 -0800 From: Kurt H Maier <khm@...ops.net> To: oss-security@...ts.openwall.com Subject: Re: CVE-2016-9963 Exim private information leak On Tue, Dec 20, 2016 at 11:59:35PM +0100, Heiko Schlittermann wrote: > Heiko Schlittermann <hs@...littermann.de> (So 18 Dez 2016 18:59:25 CET): > … > > On Dec, 25th we will make the details and the above mentioned releases > > available to the public. > > To be more precise: On Dec, 25th, at 10.00 UTC we'll push the changes to the public > Git repository git://git.exim.org/exim.git and upload the tar balls into the > FTP area ftp://ftp.exim.org/pub/exim/exim4 Just so we're absolutely clear: You are releasing the fix for a currently-undisclosed security vulnerability on the day most of the Western world's IT staff is on holiday? khm
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ