Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 6 Jul 2011 12:09:22 -0700
From: Barry Greene <bgreene@....org>
To: Eugene Teo <eugene@...hat.com>
Cc: oss-security@...ts.openwall.com,
 security-officer@....org
Subject: Re: The Bind incident

Hi Eugene,

Yes, we worked hard to contain disclosure process. Politics took over. We will put factors in place for the next security advisory cycle to remediate so it does not happen again.

Thanks,

Barry

On Jul 5, 2011, at 4:21 AM, Eugene Teo wrote:

> (Cc'ed the ISC folks)
> 
> On 07/05/2011 07:17 PM, Eugene Teo wrote:
>> You might have read about AusCert's accidental disclosure of the ISC
>> Bind advisories today. If you have more information about this, please
>> share. AFAICS, the bind source packages are still not available at the
>> ISC website.
>> 
>> https://bugzilla.redhat.com/CVE-2011-2464
>> https://bugzilla.redhat.com/CVE-2011-2465
>> http://risky.biz/auscert-bind
>> http://pastebin.com/9NUt8Pk0
>> 
>> Thanks, Eugene
>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.