[20472] in bugtraq
Re: Advisory for perl webserver
daemon@ATHENA.MIT.EDU (neme-dhc@HUSHMAIL.COM)
Thu Apr 26 20:46:05 2001
Content-type: multipart/mixed;
boundary="Hushpart_boundary_lEasyjxbnBXNtIrhbIewoQViUaGtQLtg"
Mime-version: 1.0
Message-ID: <200104261355.GAA31465@user7.hushmail.com>
Date: Thu, 26 Apr 2001 09:53:23 -0500
Reply-To: neme-dhc@HUSHMAIL.COM
From: neme-dhc@HUSHMAIL.COM
To: BUGTRAQ@SECURITYFOCUS.COM
--Hushpart_boundary_lEasyjxbnBXNtIrhbIewoQViUaGtQLtg
Content-type: text/plain
Hi,
I e-mailed them a week before I sent the advisory out: 2 weekend days and
5 work days.
Even if there has been a limited distribution, it IS in use apparantly which
is enough for me to want to publish it. How common the problem is or in
what state the software is should
not be the issue. The issue is if the bug is there. How would you like it
if your twang doodle daemon had a bug but just because it wasn't common
enough it wasn't reported. Someone else finds out about it and exploits
your server. It is not fun.
greetz,
nemesystm
At Tue, 24 Apr 2001 17:18:02 -0500, "NESTING, DAVID M (SBCSI)" <dn3723@sbc.com>
wrote:
>
>Do we really need to be seeing advisories on alpha versions of software
>that
>is under active development? This is hardly a production-quality
>application and even their own download statistics show that its
>distribution has been very limited.
>
>Furthermore, I don't see a bug report entry in their SourceForge project.
>You did report this to them before you sent it to BugTraq, yes?
Free, encrypted, secure Web-based email at www.hushmail.com
--Hushpart_boundary_lEasyjxbnBXNtIrhbIewoQViUaGtQLtg--
