lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <873bx1je46.fsf@deneb.enyo.de>
From: fw at deneb.enyo.de (Florian Weimer)
Subject: iDEFENSE Security Advisory 01.14.05: Exim
	dns_buld_reverse() Buffer Overflow Vulnerability

* Marc Haber:

>> VIII. DISCLOSURE TIMELINE
>> 
>> 09/30/2004  Initial vendor notification
>> 09/30/2004  Initial vendor response

>   01/04/2005  Vendor releases a patch

(publicly, by the way)

>   01/14/2005  Vendor releases interim release incorporating the patch

>> 01/14/2005  Public disclosure

I'd a bit surprised if this timeline were correct.  I can't really
imagine Philip sitting on this bug for a couple of months.


Powered by blists - more mailing lists