Brad Knowles wrote on Thu, 10 Feb 2005 02:32:18 +0100: > However, I also take Chuq's point that all security announcements > to this list, and all related mailman mailing lists hosted on > python.org, should be made by Barry or one of the other core > developers. >
This was not a "security announcement". And the posting on full-disclosure wasn't really a "disclosure". full-disclosure account passwords itself got hacked and this was an alert for the list members about this fact and the cause. It's also on MITRE and got publicized via news sites. It's an *actively exploited* security hole, not a PoC or possible security problem. I really don't see any sense in insisting that informing about it here and pointing to the source makes anyone more unsafe. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: http://ie5.de & http://msie.winware.org ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
