security or lack thereof
Chris Hodgins
christopher.hodgins at gmail.com
Thu Mar 24 13:53:42 PST 2005
On Thu, 24 Mar 2005 12:48:48 -0700 (MST), M. Warner Losh <imp at bsdimp.com> wrote:
> In message: <200503230304.j2N34R97020359 at vtn1.victoria.tc.ca>
> jnemeth at victoria.tc.ca (John Nemeth) writes:
> : So, is it FreeBSD policy to ignore security bug reports? I sent
> : the following bug report to security at freebsd.org on Feb. 19th, 2005 and
> : it still hasn't been acted on. This total lack of action on an
> : extremely simple (and silly) three year old bug doesn't give one the
> : warm fuzzies. Heck, it took 48 hours to get a response from a security
> : officer, and another 24 hours to get something from the guilty
> : developer.
>
> You should learn to send it to the right place:
> security-officer at freebsd.org.
>
> Warner
He did send it to the correct place. Otherwise the documentation is wrong:
-------from http://www.freebsd.org/security/index.html-----------
All FreeBSD Security issues should be reported directly to the
Security Officer Team (security at FreeBSD.org) personally or otherwise
to the Security Officer (security-officer at FreeBSD.org).
-----------------------------------------------------------------------
Chris
More information about the freebsd-hackers
mailing list