Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20140912154925.GA20915@openwall.com>
Date: Fri, 12 Sep 2014 19:49:26 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Cc: bert hubert <bert.hubert@...herlabs.nl>
Subject: Re: PowerDNS Recursor 3.6.0 can be crashed remotely (CVE-2014-3614)

On Fri, Sep 12, 2014 at 05:14:55PM +0400, Solar Designer wrote:
> Since the issue was already public on the same day, I think it should
> have been posted to oss-security right away, without use of the distros
> list.

I was wrong.  The issue was first brought to the distros list via a
separate message on September 8, two days before public disclosure.
So use of the distros list was appropriate.  The only thing that went
wrong (as far as list policy is concerned) was that on September 10 a
notification wasn't sent to oss-security (but was sent to distros).

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.