Evan Martin (evan) wrote in evan_tech,
Evan Martin
evan
evan_tech

security bugs

http://seclists.org/fulldisclosure/2009/Apr/0129.html:
VIII. DISCLOSURE TIMELINE
06/28/2006 - Initial Contact
06/29/2006 - PoC Requested
06/29/2006 - PoC Sent
10/05/2006 - Vendor Status Update
01/24/2007 - Vendor Status Update
02/12/2008 - Vendor Status Update
03/31/2009 - CVE Assigned
04/14/2009 - Coordinated Public Disclosure
That's a loooong time to sit on a bug.
Tags: hacking
Subscribe

  • memcache job offers

    I get occasional recruiter spam that specifically calls out "my work on memcached". This is pretty funny because all I did was make some trivial…

  • application stack

    "Put yourself in 1995. I'm going to tell the you of 1995 that in 2010, there will be a software platform with the following properties:" Luis Villa…

  • bsd license advertising

    Did you know that the 3-clause BSD (that is, the one with the "advertising" clause stripped) license still has an advertising requirement? Read it…

  • Post a new comment

    Error

    default userpic
    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 3 comments