Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Dec 2016 12:59:52 -0800
From: Kurt H Maier <khm@...ops.net>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2016-9963 Exim private information leak

On Tue, Dec 20, 2016 at 11:59:35PM +0100, Heiko Schlittermann wrote:
> Heiko Schlittermann <hs@...littermann.de> (So 18 Dez 2016 18:59:25 CET):
> …
> > On Dec, 25th we will make the details and the above mentioned releases
> > available to the public.
> 
> To be more precise: On Dec, 25th, at 10.00 UTC we'll push the changes to the public
> Git repository git://git.exim.org/exim.git and upload the tar balls into the 
> FTP area ftp://ftp.exim.org/pub/exim/exim4

Just so we're absolutely clear:

You are releasing the fix for a currently-undisclosed security
vulnerability on the day most of the Western world's IT staff is on
holiday?

khm

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ