Bugtraq mailing list archives
Re: OpenBSD xlock exploit
From: Darren Reed <avalon () COOMBS ANU EDU AU>
Date: Mon, 9 Oct 2000 11:22:27 +1100
In some mail from Theo de Raadt, sie said: [...]
I am sorry, but you and K2 are out of line when you say that we didn't tell the world about this. We did.
Hmmm, I'll beg to differ and nit pick. You published information locally to www.openbsd.org but didn't announce via an active distribution that known security problems had been fixed. What you're essentially saying is that "check the openbsd web site regularly because we're not going to announce (via) any advisories when we fix known security holes". [...]
So, and I see this with sincere sarcasm, do you want me to post all of our patches for all of our format string fixes? I can, if you really want. Think about where bugtraq would head if we were to do that.
We already see n patches for Linux this and Linux that, not to forget the spam from n Linux vendors when each one fixes a problem, so I'm not sure that it would detract from bugtraq in any meaningful manner. Darren
Current thread:
- OpenBSD xlock exploit Noir Desir (Oct 05)
- <Possible follow-ups>
- Re: OpenBSD xlock exploit lunguz (Oct 05)
- Re: OpenBSD xlock exploit Theo de Raadt (Oct 06)
- Re: OpenBSD xlock exploit Theo de Raadt (Oct 08)
- Re: OpenBSD xlock exploit Darren Reed (Oct 09)
- Re: OpenBSD xlock exploit Riley Hassell (Oct 10)