Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 07 Jul 2011 17:15:36 +0800
From: Eugene Teo <eugene@...hat.com>
To: Barry Greene <bgreene@....org>
CC: oss-security@...ts.openwall.com, security-officer@....org
Subject: Re: The Bind incident

On 07/07/2011 03:09 AM, Barry Greene wrote:
> Hi Eugene,
> 
> Yes, we worked hard to contain disclosure process. Politics took over. We will put factors in place for the next security advisory cycle to remediate so it does not happen again.
> 
> Thanks,

Thanks Barry.

Eugene

> Barry
> 
> On Jul 5, 2011, at 4:21 AM, Eugene Teo wrote:
> 
>> (Cc'ed the ISC folks)
>>
>> On 07/05/2011 07:17 PM, Eugene Teo wrote:
>>> You might have read about AusCert's accidental disclosure of the ISC
>>> Bind advisories today. If you have more information about this, please
>>> share. AFAICS, the bind source packages are still not available at the
>>> ISC website.
>>>
>>> https://bugzilla.redhat.com/CVE-2011-2464
>>> https://bugzilla.redhat.com/CVE-2011-2465
>>> http://risky.biz/auscert-bind
>>> http://pastebin.com/9NUt8Pk0
>>>
>>> Thanks, Eugene
>>
> 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.