RE: [Full-Disclosure] openssl exploit code

Tue, 17 Sep 2002 10:08:17 -0700 

Original link:

http://www2.computer-zeitung.de/cz/aktuell/artikel/artikel.1027685895.23234.
html (Can't find it now)

Google's cache (wrapped):

http://216.239.39.100/search?q=cache:LTgFtuQJ2SgC:www2.computer-zeitung.de/c
z/aktuell/artikel/artikel.1027685895.23234.html+Bugtraq+wird+den+Industrieno
rmen+f%C3%BCr+Security-Ver%C3%B6ffentlichungen&hl=en&ie=UTF-8




>>-----Original Message-----
>>From: [EMAIL PROTECTED]
>>[mailto:[EMAIL PROTECTED]]On Behalf Of Florian
>>Weimer
>>Sent: Tuesday, September 17, 2002 11:22 AM
>>To: hellNbak
>>Cc: [EMAIL PROTECTED]
>>Subject: Re: [Full-Disclosure] openssl exploit code
>>
>>
>>hellNbak <[EMAIL PROTECTED]> writes:
>>
>>> Source?  URL?  Article?  I personally would be very surprised if this
>>> happened.  But stranger things have happened.
>>
>>I've got the following quote from Computerzeitung, but no direct URL:
>>
>>| Bugtraq wird den Industrienormen f�r Security-Ver�ffentlichungen
>>| folgen, wie es das heute bereits tut. Es gibt immer Verz�gerungen,
>>| sogar bei Bugtraq: Die Sicherheitsl�cke muss verifiziert und der
>>| Hersteller alarmiert werden. Typischerweise r�umt man ihm immer eine
>>| Gef�lligkeitszeit ein, um einen Patch zu entwickeln. Diesen Standard
>>| werden wir beibehalten.
>>
>>John Schwarz, Chief Operating Office, Symantec.
>>
>>Approximate translation:
>>
>>Bugtraq will follow the industry norms for security disclosures, like
>>it does now.  There are always delays, even with Bugtraq: A security
>>vulnerability has to be verified, and the vendor has to be alarmed.
>>Typically, the vendor gets a grace period to develop a patch.  We will
>>keep this standard.
>>
>>(Sorry, English isn't my native tongue.)
>>
>>--
>>Florian Weimer                          [EMAIL PROTECTED]
>>University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
>>RUS-CERT                          fax +49-711-685-5898
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Reply via email to