[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Help with reporting
- To: Dr HenDre <drhendre@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Help with reporting
- From: Andy Lindeman <alindeman@xxxxxxxxx>
- Date: Wed, 30 Nov 2005 10:22:49 -0600
It would probably be the most socially responsible to report the bug
to security@xxxxxxx first and allow them to assist in fixing it and
putting out an advisory (they would almost certainly be amenable to
crediting you with finding it, if this is important to you)
As a quote from http://bugs.php.net/report.php:
"If you feel this bug concerns a security issue, eg a buffer overflow,
weak encryption, etc, then email security@xxxxxxx who will assess the
situation."
--A
On 11/30/05, Dr HenDre <drhendre@xxxxxxxxx> wrote:
> Hi list,
>
> I've been following this list for quite a while now and finally i can
> contribute something.
> I think (i'm pretty sure) I've found a security bug in php, though I
> not at all familiar with reporting bugs to the vendor and to the list.
> So I'm looking for someone who can lead me the way.
>
> Thanks,
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/