Daniel Stenberg wrote:
On Fri, 14 Oct 2005, Noèl Köthe wrote:
The last paragraph says something like: "Notable is the fast time of
reaction of the Open Source developer: two days ago the problem was
reported, yesterday corrected packages were produced and details of
the vulnerability were published."
Just want to give you very possitive feedback and say thanks.:)
I mailed Hrvoje the patch roughly 50 minutes after the notification (and
he forwarded it to Mauro). Wget 1.10.2 was relased less than 14 hours
after the first mail brought our attention to this problem.
Both Hrvoje and Mauro acted swiftly and promptly. Nice going guys!
i was notified of the vulnerability by hrvoje and daniel. when i
received the security report daniel had aready sent us the bugfix. it
took me no more than 30 minutes to include the patch in our stable
branch and release wget 1.10.2.
thanks again, daniel.
Aequam memento rebus in arduis servare mentem...
Mauro Tortonesi http://www.tortonesi.com
University of Ferrara - Dept. of Eng. http://www.ing.unife.it
GNU Wget - HTTP/FTP file retrieval tool http://www.gnu.org/software/wget
Deep Space 6 - IPv6 for Linux http://www.deepspace6.net
Ferrara Linux User Group http://www.ferrara.linux.it