North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS,Memory Jumps, Integer Overflow)
[email protected] wrote: I wonder how many other unreported silently-patched vulnerabilities are out there?You seem to be inferring that it is a bad thing to silently patch bugs which may have security implications. The OpenBSD Full disclosure, we believe in it. team makes a habit of auditing software for flaws and fixing them without waiting to find out whether they create actual security vulnerabilities. They consider this to be a GOOD thing. It is a good thing. I think that people who use software also consider it toI wonder if the same network operators will be happy about potentially millions of compromised sendmail servers globally.
|