Re: handling of the gnutls 2.2.4 security fixes

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: handling of the gnutls 2.2.4 security fixes

From:	CERT-FI Vulnerability Co-ordination
Subject:	Re: handling of the gnutls 2.2.4 security fixes
Date:	Tue, 20 May 2008 10:15:57 +0300
User-agent:	Thunderbird 2.0.0.14 (X11/20080505)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> The 2.2.4 release was not handled properly. Vendor-sec received an
> email on the 14th of May stating that CERT-FI was going to send mail
> to us about an upcoming release of gnutls. That mail never arrived.
> Vendor-sec is *the* place to discuss non-public issues like this.
> Maybe this was the fault of the CERT, but the gnutls team should, in
> the future, make an attempt to contact us even if whatever CERT is
> dealing with the issue also promises to.

Mea culpa. It seems I made an error when sending the announcement
to the vendor-sec list. As I don't see the list myself, I did not
realise that it never arrived. I'll try to be more precise with
this in the future.

- -Juhani Eronen / CERT-FI Vulnerability Co-ordination

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIMnpv/64aC2E+yK8RAj5AAKCEY+cH1YO3NL2F4h8yox8HFWroegCgoe1D
cGeeVcENxVHK8kAzMIlEzNg=
=n99z
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

handling of the gnutls 2.2.4 security fixes, Jonathan Smith, 2008/05/20
- Re: [vendor-sec] handling of the gnutls 2.2.4 security fixes, Alan Cox, 2008/05/20
- Re: handling of the gnutls 2.2.4 security fixes, CERT-FI Vulnerability Co-ordination <=
  - Re: handling of the gnutls 2.2.4 security fixes, Simon Josefsson, 2008/05/20

Prev by Date: Re: [Pkg-gnutls-maint] Bug#373169: Bug#373169: fixed in 2.3.10
Next by Date: Re: handling of the gnutls 2.2.4 security fixes
Previous by thread: Re: [vendor-sec] handling of the gnutls 2.2.4 security fixes
Next by thread: Re: handling of the gnutls 2.2.4 security fixes
Index(es):
- Date
- Thread