[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] iDEFENSE Security Advisory 01.14.05: Exim dns_buld_reverse() Buffer Overflow Vulnerability

* Marc Haber:

>> VIII. DISCLOSURE TIMELINE
>> 
>> 09/30/2004  Initial vendor notification
>> 09/30/2004  Initial vendor response

>   01/04/2005  Vendor releases a patch

(publicly, by the way)

>   01/14/2005  Vendor releases interim release incorporating the patch

>> 01/14/2005  Public disclosure

I'd a bit surprised if this timeline were correct.  I can't really
imagine Philip sitting on this bug for a couple of months.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html