Date: Wed, 6 Jul 2011 12:09:22 -0700 From: Barry Greene <bgreene@....org> To: Eugene Teo <eugene@...hat.com> Cc: oss-security@...ts.openwall.com, security-officer@....org Subject: Re: The Bind incident Hi Eugene, Yes, we worked hard to contain disclosure process. Politics took over. We will put factors in place for the next security advisory cycle to remediate so it does not happen again. Thanks, Barry On Jul 5, 2011, at 4:21 AM, Eugene Teo wrote: > (Cc'ed the ISC folks) > > On 07/05/2011 07:17 PM, Eugene Teo wrote: >> You might have read about AusCert's accidental disclosure of the ISC >> Bind advisories today. If you have more information about this, please >> share. AFAICS, the bind source packages are still not available at the >> ISC website. >> >> https://bugzilla.redhat.com/CVE-2011-2464 >> https://bugzilla.redhat.com/CVE-2011-2465 >> http://risky.biz/auscert-bind >> http://pastebin.com/9NUt8Pk0 >> >> Thanks, Eugene >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.