[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] All the md5 hashes in every single update message sent to this list

To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] All the md5 hashes in every single update message sent to this list
From: B1towel <ben@xxxxxxxxxxx>
Date: Sat, 16 Oct 2010 02:22:24 -0400

What is the purpose of all the patch notification emails that when a security 
vulnerability is fixed the people who send out the notification email include a 
5 mile long list of md5 hashes for every single package and all dependancies 
for the package that was updated? I feel that information does not need to be 
in the notification that the latest version fixed a security vulnerability, and 
to me it just gets in the way of reading the occasionally useful content this 
list has to offer.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] All the md5 hashes in every single update message sent to this list
  - From: Zach C.

Prev by Date: Re: [Full-disclosure] [SquirrelMail-Security] XSS in Squirrelmail plugin 'Virtual Keyboard' <= 0.9.1
Next by Date: Re: [Full-disclosure] All the md5 hashes in every single update message sent to this list
Previous by thread: [Full-disclosure] ZDI-10-213: RealNetworks RealPlayer Multiple Protocol Handlers Remote Code Execution Vulnerability
Next by thread: Re: [Full-disclosure] All the md5 hashes in every single update message sent to this list
Index(es):
- Date
- Thread