On Tue, 11 Jun 2002, Phil Dibowitz wrote:
> Ahhh. Sounds like many of the bugs I've found in my own software. Yep, just an oversight. There have been larger, more serious ones. :) > > Phil: In the future, please try a bit harder to notify someone if you > > believe that a bug is serious enough for posting to bugtraq. freebsd-net > > is a relatively busy list, and things do get missed. > > Certainly. I appologize if I caused the FreeBSD developers any grief over my > post. I'm not a FreeBSD user myself and wasn't aware of the > http://www.freebsd.org/send-pr.html page until yesterday. I did submit a bug > report there yesterday, which got assigned an ID of kern/39141, so when you > commit the fix, you can update/close that case as well. Thanks again for your > quick response. > > > Phil Dibowitz I don't think you caused any grief; releasing this information didn't hurt anyone. Had it been some remotely exploitable bug which was not yet patched, then I would be annoyed. For the record, filing a PR isn't always enough, either. There are a lot filed, and we often get very behind on them. :) So, if you do find a security issue in the future, please directly e-mail [EMAIL PROTECTED] so that it gets handled properly. If you find less serious bugs, feel free to drop me an e-mail if mail to the -net list falls on deaf ears. Mike "Silby" Silbersack To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
