lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
From: vdanen at mandrakesoft.com (Vincent Danen)
Subject: MDKSA-2005:020 - Updated kdegraphics packages
	fix buffer overflow vulnerability


On Jan 25, 2005, at 22:57, Rembrandt wrote:

> On Tue, 25 Jan 2005 21:51:01 -0700
> Mandrake Linux Security Team <security@...ux-mandrake.com> wrote:
>
> Dear Mandrake Linux Security Team,
> Why can't you spam another mailinglist?
> Or create an own for your PATCHES....
>
> It nerves to get more then one mail from you at month.
> How do you provide something?
> Codes? ProofOfConcep-Exploits?
> You just write "We fixed..."
> Or in other words "Hey guys there's something wrong with a package
> related to our OS."
>
> If MS would send every patch they wrote a mail to this mailinglist the
> list-owner would kickout MS for that.
> I don't know why it should be different for you or any other OS.

Hmmm... like many other vendors, we "spam" a number of mailing lists 
(FD, bugtraq (when they feel like putting new messages through), and 
our own security-announce list).  Do you rant at Gentoo, Debian, 
Ubuntu... (the list goes on) as well?

Anyways, you seem to be a moderately intelligent person so why don't 
you setup a filter in sylpheed to send all mail from 
security@...ux-mandrake.com to /dev/null?  Should be pretty 
straightforward.  That way you don't have to get "nerved" and the 
people who do appreciate the advisories can continue to receive them.

If the list owners asked us to stop, we would respectfully do it.  But, 
since you're asking, I think I'll just leave it up to you to figure out 
how to filter mail (it's a fairly amazing concept once you get it 
figured out).

-- 
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C  A2BC 2EBC 5E32 FEE3 0AD4}

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050127/f67f4ffe/PGP.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ