Does anyone know if there is official/unofficial vendor/manufacturer list yet to all their official Vulnerability webpage info? I thought I saw some when Heartbleed broke out. -- Later, Joe
On Wed, Sep 24, 2014 at 9:41 PM, Hugo Slabbert <h...@slabnet.com> wrote: > when do you think the embargo is over? >> > > ref: http://seclists.org/oss-sec/2014/q3/650 > > "At present, public disclosure is scheduled for Wednesday, 2014-09-24 > 14:00 UTC. We do not expect the schedule to change, but we may be > forced to revise it." > > Date: Wed, 24 Sep 2014 15:07:26 -0400 >> From: Jared Mauch <ja...@puck.nether.net> >> To: Randy Bush <ra...@psg.com> >> Cc: North American Network Operators' Group <nanog@nanog.org> >> Subject: Re: update >> X-Mailer: Apple Mail (2.1985.4) >> >> Can I presume you’re talking about the bash CVE-2014-6271? >> > > Date: Wed, 24 Sep 2014 13:09:19 -0600 >> From: Spencer Gaw <spenc...@frii.net> >> To: Randy Bush <ra...@psg.com>, North American Network Operators' Group < >> nanog@nanog.org> >> Subject: Re: update >> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 >> Thunderbird/31.1.1 >> >> See: http://seclists.org/oss-sec/2014/q3/650 >> > > Both are > 2014-09-24 14:00 UTC by my count. Unless the embargo got > extended? > > > On Thu 2014-Sep-25 13:05:45 +0900, Randy Bush <ra...@psg.com> wrote: > > Keeping silent after the embargo is over isn't doing anyone any >>> favors. >>> >> >> when do you think the embargo is over? >> >> yes, it got blabbed. but that does not mean one should be a blabber. >> >> randy >> > > -- > Hugo >
