On Fri, 14 Oct 2005, Noèl Köthe wrote:
The last paragraph says something like: "Notable is the fast time of
reaction of the Open Source developer: two days ago the problem was
reported, yesterday corrected packages were produced and details of the
vulnerability were published."
Just want to give you very possitive feedback and say thanks.:)
I mailed Hrvoje the patch roughly 50 minutes after the notification (and he
forwarded it to Mauro). Wget 1.10.2 was relased less than 14 hours after the
first mail brought our attention to this problem.
Both Hrvoje and Mauro acted swiftly and promptly. Nice going guys!
(The plan was originally to coordinate the security fix release with vendors
and between the curl and wget projects, but due to mistakes did the
notification accidentally become public immediately and we had to work really
fast to reduce the impact.)
--
-=- Daniel Stenberg -=- http://daniel.haxx.se -=-
ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol