[6646] in bugtraq
Re: CERT Vendor-Initiated Bulletin VB-98.04 - xterm.Xaw
daemon@ATHENA.MIT.EDU (Alan Cox)
Fri May 1 14:15:16 1998
Date: Fri, 1 May 1998 17:44:05 +0100
Reply-To: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
X-To: dossy@PANOPTIC.COM
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19980501023128.A22544@panoptic.com> from "Allanah Myles" at May
1, 98 02:31:28 am
> impression that with the decision to make X commercial, they disavowed
> older versions of X. Security and patches for older versions of X
> should now fall into the responsibility to those parties who maintain
> them.
Indeed - which means they lied to CERT when they told CERT everyone
affected had the patches or CERT screwed up in releasing the report.
If CERT were working by their own (at times ridiculous) rules they would
have informed XFree86 and sat on the announcement until they had patches.
Maybe the CERT guys would like to tell bugtraq what happened ?
Alan
