oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE-2016-9963 Exim private information leak

From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 22 Dec 2016 06:06:41 -0500
On Thu, Dec 22, 2016 at 5:40 AM, Heiko Schlittermann
<hs () schlittermann de> wrote:

Kurt H Maier <khm () sciops net> (Do 22 Dez 2016 01:57:33 CET):

On Thu, Dec 22, 2016 at 12:24:09AM +0100, Heiko Schlittermann wrote:


In case the distros are ready already, we could release on 23rd, but I
need feedbeck from the distros and ack from the other developers.


Please pursue this possibility.


Ok, I asked the distro@vs… list to get clearance. If the major distros
supporting Exim give their ok, we're prepared to release sooner. Stay
tuned.


Its probably worth mentioning the only people who are at a
disadvantage now are the good guys and decision makers.

The bad guys already knew about the problem, or the motivated ones
found it after the partial disclosure.

Jeff
Previous By Date Next
Previous By Thread Next

Current thread: