Re: [Full-disclosure] Secunia published adviso without respectingrelease date !

From: Xavier Beaudouin (kiwi_at_oav.net)
Date: 07/14/05

  • Next message: evilninja: "Re: [Full-disclosure] acct-6.3.2 has a bug!" 
    Date: Thu, 14 Jul 2005 12:59:49 +0200
To: <ad@class101.org> <ad@class101.org>

    This is usual with secunia..

    I had at "bug" in a beta version of software and they "release" a
    vulnerability to *all* version of this software
    without even inform the maintainer (me) of this "pseudo advisory".

    My thought with this guys are now : don't even trust them... They
    push advisory without testing and respect the
    usual way to inform developper as it should.

    My 0,02€
    /xavier
    Le 13 juil. 05 à 23:45, <ad@class101.org> <ad@class101.org> a écrit :

    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    >
    >
    > Then don't send to Secunia b4 the rls date ! HUH
    >
    >
    > - -----Message d'origine-----
    > De : full-disclosure-bounces@lists.grok.org.uk [mailto:full-
    > disclosure-bounces@lists.grok.org.uk] De la part de Eric Romang
    > Envoyé : mardi 12 juillet 2005 21:09 À : support@secunia.com Cc :
    > full-disclosure@lists.grok.org.uk; Eric Romang Objet : [Full-
    > disclosure] Secunia published adviso without respectingrelease date !
    >
    >
    > Hello,
    >
    > This adviso are published on your website, but the patch are not
    > already ok.
    > I have contact upstream today, before you release the adviso, so they
    > could react.
    >
    > As you can see in the adviso, the release date was not given !!!!
    >
    > http://secunia.com/advisories/16040/
    > http://secunia.com/advisories/16040/
    > http://secunia.com/advisories/16038/
    >
    > You release adviso without respect the normal process to publish
    > adviso.
    >
    > This guy is monitoring my /adviso/ folder.
    >
    > 80.161.200.182
    >
    > I think this guy is working for you.
    >
    > So please say to him to respect the normal process in a security
    > process.
    >
    > Regards.
    >
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    > Hosted and sponsored by Secunia - http://secunia.com/
    > -----BEGIN PGP SIGNATURE-----
    > Version: GnuPG v1.4.2rc2 (MingW32)
    >
    > iQIVAwUBQtWLU6+LRXunxpxfAQL+1w/+IE947ec5TVHTUox8RC5JCSSAkk+C3GTf
    > wAvkTzYoN7p0LLgFOGmf0oZUQytxQ1QKjgRSv0WeHM3sh/ZX3E33l6z+1aPwLOsO
    > asJDVVYHoxJMTbxccO01dM724UvANPvfO68Y3YHOIcZupJQhzuIqIR8u+clUwwpc
    > M7bToYBMaQbyGKCPuBpVdUqK8DVuXj9Q/+Fz8G+2kvEfM/leGhkOh55AWqcQyyJ0
    > YMEYFz4pxoR7HnYvMbxh3GLdRda0YhQj12uNw29VacLDmlYJ9JEIp2sk***/nMM/
    > CMoVGMHz+HbOhBJTOYoLvqVUcPB9rahXNxgRHas/z8gydFUYzY8IXF5oWlAnw6UQ
    > XrAYR9EvEJaXFO+FqDAoppEnvfv7NNm+dzs5yZCZM1cKel028Zg95sKkzjoAnqZA
    > CfVke2I7/0nFX3gnq/Ka54reKKKk0U732zwV1RFqanmaVueCsmoj8IhbL+3Gc1So
    > fwuhG5uGXskTqVh0qr3FMxXgf9dHDJqzZyTIS2Wi2St8SZzAQSOfIpZ8tuOA4YQO
    > QK3hIOExKFDzZXSidlZzR0455YQKEyzjuylctWRcZwx51a/E6u1/ZDty/DRgO37S
    > d4YFiD0za38qE7Etu5nEG1CZIhlU5mroKCqE00ld97eu9rv2tUeYC/aN4W+wnOTm
    > S6Q77U46E8A=
    > =VbS3
    > -----END PGP SIGNATURE-----
    >
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    > Hosted and sponsored by Secunia - http://secunia.com/
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/

  • Next message: evilninja: "Re: [Full-disclosure] acct-6.3.2 has a bug!"
    • Quantcast