Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 22 Dec 2016 12:28:45 +0100
From: Heiko Schlittermann <hs@...littermann.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2016-9963 Exim private information leak

Jeffrey Walton <noloader@...il.com> (Do 22 Dez 2016 12:06:41 CET):
…
> The bad guys already knew about the problem, or the motivated ones
> found it after the partial disclosure.

Partial disclousure? I think, there was no disclosure at all, beside
requesting a CVE and talking about a possible leak of private
information. Is this enough to call it "partial disclousure"?

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ