Date: Wed, 20 Jan 2016 18:48:08 +0100 From: Hanno Böck <hanno@...eck.de> To: kernel-hardening@...ts.openwall.com Subject: Re: 2015 kernel CVEs On Wed, 20 Jan 2016 14:15:14 +0000 Wade Mealing <wmealing@...il.com> wrote: > I'm all about improving process, I imagine I would have done the same > steps. What changes to the responses would need to be made to be > less limited ? Understand that i'm not taking this personally and > consider this an opportunity for Red Hat Security to improve as a > group. Just to make this clear, I was not involved at all. I based my statement purely on publicly available information from the advisory that says: "We unsuccessfully tried to contact the vendor for several months. We never received any response on our bugtraq ticket:" So I'm not the right person to discuss what went wrong in the process. FWIW I tried to reach out to one of the people doing this research (Sergej Schumilo) and hope we can make sure these issues get tackled. -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.