[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-disclosure] Help with reporting
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: RE: [Full-disclosure] Help with reporting
- From: "Jeroen van Meeuwen" <kanarip@xxxxxxxxxxxxxx>
- Date: Fri, 2 Dec 2005 18:14:06 +0100
Or you could just report the bug to the list...
Kind regards,
Jeroen van Meeuwen
--
kanarip
> It would probably be the most socially responsible to report the bug
> to security@xxxxxxx first and allow them to assist in fixing it and
> putting out an advisory (they would almost certainly be amenable to
> crediting you with finding it, if this is important to you)
>
> As a quote from http://bugs.php.net/report.php:
>
> "If you feel this bug concerns a security issue, eg a buffer overflow,
> weak encryption, etc, then email security@xxxxxxx who will assess the
> situation."
>
> --A
>
> On 11/30/05, Dr HenDre <drhendre@xxxxxxxxx> wrote:
> > Hi list,
> >
> > I've been following this list for quite a while now and finally i can
> > contribute something.
> > I think (i'm pretty sure) I've found a security bug in php, though I
> > not at all familiar with reporting bugs to the vendor and to the list.
> > So I'm looking for someone who can lead me the way.
> >
> > Thanks,
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/