Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 22 Dec 2016 06:06:41 -0500
From: Jeffrey Walton <>
Subject: Re: CVE-2016-9963 Exim private information leak

On Thu, Dec 22, 2016 at 5:40 AM, Heiko Schlittermann
<> wrote:
> Kurt H Maier <> (Do 22 Dez 2016 01:57:33 CET):
>> On Thu, Dec 22, 2016 at 12:24:09AM +0100, Heiko Schlittermann wrote:
>> >
>> > In case the distros are ready already, we could release on 23rd, but I
>> > need feedbeck from the distros and ack from the other developers.
>> >
>> Please pursue this possibility.
> Ok, I asked the distro@vs… list to get clearance. If the major distros
> supporting Exim give their ok, we're prepared to release sooner. Stay
> tuned.

Its probably worth mentioning the only people who are at a
disadvantage now are the good guys and decision makers.

The bad guys already knew about the problem, or the motivated ones
found it after the partial disclosure.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ