It seems that they don't know the meaning of responsible disclosure. They should have given you some time before going public. Unfortunately there are plenty of drama queens in the IT security field.
All responsible disclosure be gone, for I want to have the attribution: first post is all that matters. It builds cred among the "customer base". ----appa On Fri, Apr 26, 2013 at 10:28 AM, Maxim Konovalov <[email protected]> wrote: > Hello, > > On behalf of the nginx team I want to let the community know that we > are aware of the recent security announce[*] and working on the > issue. We will share our conclusion when get more details about its > nature and impact. > > * http://www.securityfocus.com/archive/1/526439/30/0/threaded > > -- > Maxim Konovalov > +7 (910) 4293178 > http://nginx.com/services.html > > _______________________________________________ > nginx mailing list > [email protected] > http://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
