update

• Previous message (by thread): update
• Next message (by thread): update
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Does anyone know if there is official/unofficial vendor/manufacturer list
yet to all their official Vulnerability webpage info?
I thought I saw some when Heartbleed broke out.
--
Later, Joe

On Wed, Sep 24, 2014 at 9:41 PM, Hugo Slabbert <hugo at slabnet.com> wrote:

> when do you think the embargo is over?
>>
>
> ref: http://seclists.org/oss-sec/2014/q3/650
>
> "At present, public disclosure is scheduled for Wednesday, 2014-09-24
> 14:00 UTC.  We do not expect the schedule to change, but we may be
> forced to revise it."
>
>  Date: Wed, 24 Sep 2014 15:07:26 -0400
>> From: Jared Mauch <jared at puck.nether.net>
>> To: Randy Bush <randy at psg.com>
>> Cc: North American Network Operators' Group <nanog at nanog.org>
>> Subject: Re: update
>> X-Mailer: Apple Mail (2.1985.4)
>>
>> Can I presume you’re talking about the bash CVE-2014-6271?
>>
>
>  Date: Wed, 24 Sep 2014 13:09:19 -0600
>> From: Spencer Gaw <spencerg at frii.net>
>> To: Randy Bush <randy at psg.com>, North American Network Operators' Group <
>> nanog at nanog.org>
>> Subject: Re: update
>> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101
>> Thunderbird/31.1.1
>>
>> See: http://seclists.org/oss-sec/2014/q3/650
>>
>
> Both are > 2014-09-24 14:00 UTC by my count.  Unless the embargo got
> extended?
>
>
> On Thu 2014-Sep-25 13:05:45 +0900, Randy Bush <randy at psg.com> wrote:
>
>  Keeping silent after the embargo is over isn't doing anyone any
>>> favors.
>>>
>>
>> when do you think the embargo is over?
>>
>> yes, it got blabbed.  but that does not mean one should be a blabber.
>>
>> randy
>>
>
> --
> Hugo
>

• Previous message (by thread): update
• Next message (by thread): update
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]