User: Password:
Subscribe / Log in / New account

Another old security problem

Another old security problem

Posted Sep 10, 2010 20:31 UTC (Fri) by Trelane (subscriber, #56877)
In reply to: Another old security problem by spender
Parent article: Another old security problem

since he was being responsive, chose to share some additional vulnerabilities with him.
Mmm, this sounds like you sit on vulnerabilities, choosing to notify people who can fix it upstream if and only if they're "being responsive". Is this accurate? Are you sitting on any now?
With the general upstream attitude and handling of security bugs, on principle I don't email vendor-sec or security@.
What principle is this that you're acting on?

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds