Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 10 Feb 2018 11:25:49 +0100
From: Heiko Schlittermann <hs@...marc.schlittermann.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2018-6789 Exim 4.90 and earlier: buffer overflow

Heiko Schlittermann <hs@...littermann.de> (Mi 07 Feb 2018 11:39:43 CET):
> CVE-2018-6789 Exim 4.90 and earlier
> ===================================
….
> Next steps:
> 
> * t0:     Distros will get access to our "security" non-public git repo
>           (based on the SSH keys known to us)
> * t0 +7d: Patch will be published on the official public git repo
 
 t0 was 2018-02-08 17:00 UTC

As one distro failed to keep the embargo we need to cut the time
for the distros and we'll release the patch to the public today.

    2018-02-10 18:00 UTC

Sorry for the inconvenience, thank you for understanding and for using
Exim.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.