| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3f3ecb5a0511300822j6cf66518g712de8b36cf8f72b@mail.gmail.com> Date: Wed Nov 30 16:23:00 2005 From: alindeman at gmail.com (Andy Lindeman) Subject: Help with reporting It would probably be the most socially responsible to report the bug to security@....net first and allow them to assist in fixing it and putting out an advisory (they would almost certainly be amenable to crediting you with finding it, if this is important to you) As a quote from http://bugs.php.net/report.php: "If you feel this bug concerns a security issue, eg a buffer overflow, weak encryption, etc, then email security@....net who will assess the situation." --A On 11/30/05, Dr HenDre <drhendre@...il.com> wrote: > Hi list, > > I've been following this list for quite a while now and finally i can > contribute something. > I think (i'm pretty sure) I've found a security bug in php, though I > not at all familiar with reporting bugs to the vendor and to the list. > So I'm looking for someone who can lead me the way. > > Thanks, > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists