Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Jan 2016 18:48:08 +0100
From: Hanno Böck <>
Subject: Re: 2015 kernel CVEs

On Wed, 20 Jan 2016 14:15:14 +0000
Wade Mealing <> wrote:

> I'm all about improving process, I imagine I would have done the same
> steps.   What changes to the responses would need to be made to be
> less limited ?  Understand that i'm not taking this personally and
> consider this an opportunity for Red Hat Security to improve as a
> group.

Just to make this clear, I was not involved at all. I based my
statement purely on publicly available information from the advisory
that says:
"We unsuccessfully tried to contact the vendor for several months. We
never received any response on our bugtraq ticket:"

So I'm not the right person to discuss what went wrong in the process.

FWIW I tried to reach out to one of the people doing this research
(Sergej Schumilo) and hope we can make sure these issues get tackled.

Hanno Böck


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.