Date: Wed, 9 Apr 2014 19:15:46 +0100 From: Pawel Biernacki <pawel.biernacki@gmail.com> To: =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= <des@des.no> Cc: freebsd-security@freebsd.org Subject: Re: Proposal Message-ID: <CAA3htvtKGXhvoJ_k6VvqeeuhN40QF%2BguZfGNhakXrqqiT=iPFQ@mail.gmail.com> In-Reply-To: <86txa2z8xl.fsf@nine.des.no> References: <CAA3htvve4NNvmN0QOf6v4RwbT8PmGrSCFzNCbivfaEMN7J26Ow@mail.gmail.com> <86txa2z8xl.fsf@nine.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9 April 2014 18:53, Dag-Erling Sm=C3=B8rgrav <des@des.no> wrote: > Pawel Biernacki <pawel.biernacki@gmail.com> writes: >> RedHat managed to provide the fix within 21 hours but aparently they >> knew very eraly about the issue. FreeBSD Security Team didn't? Why? >> You can _see_ the whole process on their bugzilla >> https://bugzilla.redhat.com/show_bug.cgi?id=3D1084875. > > No you can't. That ticket is just window dressing. By the time it was > created, RedHat had known about the issue for at least a week, and > probably more. > According to http://seclists.org/oss-sec/2014/q2/36 RedHat learnt about it 7th March and after that the bugzilla entry was created. I assume that it was marked as private and unaccessible to other users for few hours until release of SA but at least he have some trace of what was done. --=20 One of God's own prototypes. A high-powered mutant of some kind never even considered for mass production. Too weird to live, and too rare to die= .
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAA3htvtKGXhvoJ_k6VvqeeuhN40QF%2BguZfGNhakXrqqiT=iPFQ>