lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 16 Feb 2024 17:58:20 +0000
From: "zdi-disclosures@...ndmicro.com" <zdi-disclosures@...ndmicro.com>
To: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>,
	"valentina.manea.m@...il.com" <valentina.manea.m@...il.com>,
	"shuah@...nel.org" <shuah@...nel.org>, "i@...ithal.me" <i@...ithal.me>
Subject: RE: ZDI-CAN-22273: New Vulnerability Report

Hi Greg,
Thanks for the update :)

Cheers,
Rebecca

-----Original Message-----
From: gregkh@...uxfoundation.org <gregkh@...uxfoundation.org>
Sent: Friday, February 16, 2024 12:37 PM
To: ZDI Disclosures Mailbox <zdi-disclosures@...ndmicro.com>
Cc: linux-kernel@...r.kernel.org; linux-usb@...r.kernel.org; valentina.manea.m@...il.com; shuah@...nel.org; i@...ithal.me
Subject: Re: ZDI-CAN-22273: New Vulnerability Report

On Fri, Feb 16, 2024 at 05:27:57PM +0000, zdi-disclosures@...ndmicro.com wrote:
> Hello,
> Do you have any updates to share regarding this vulnerability? The 120-day deadline for this case was January 31, 2024. We will publish this soon in accordance with the ZDI 120-day Disclosure policy if there is not an available fix.

I asked some questions to this, a few hours after you sent this to us,
yet we recieved no response and as such it did not go anywhere.

So this is all on you now.

Also note, you are talking on a public mailing list, there is not much
left to "disclose" :)

thanks,

greg k-h
TREND MICRO EMAIL NOTICE

The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.

For details about what personal information we collect and why, please see our Privacy Notice on our website at: Read privacy policy<http://www.trendmicro.com/privacy>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ