Return-Path: <linux-kernel-owner+willy=40w.ods.org-S262643AbVAKJdL@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S262643AbVAKJdL (ORCPT <rfc822;willy@w.ods.org>);
	Tue, 11 Jan 2005 04:33:11 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262664AbVAKJdL
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Tue, 11 Jan 2005 04:33:11 -0500
Received: from mail.enyo.de ([212.9.189.167]:28604 "EHLO mail.enyo.de")
	by vger.kernel.org with ESMTP id S262643AbVAKJcR (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Tue, 11 Jan 2005 04:32:17 -0500
From: Florian Weimer <fw@deneb.enyo.de>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Steve Bergman <steve@rueb.com>,
       Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Proper procedure for reporting possible security vulnerabilities?
References: <41E2B181.3060009@rueb.com>
	<1105383104.12004.101.camel@localhost.localdomain>
Date: Tue, 11 Jan 2005 10:32:11 +0100
In-Reply-To: <1105383104.12004.101.camel@localhost.localdomain> (Alan Cox's
	message of "Mon, 10 Jan 2005 19:24:00 +0000")
Message-ID: <87u0pos44k.fsf@deneb.enyo.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 652
Lines: 15

* Alan Cox:

> vendor-sec@lst.de is a cross vendor security list and a good place for
> stuff.

Some people claim that vendor-sec is not trustworthy anymore because
it leaks information, based on the recent forged e-matters advisory.
Personally, I think the intent of the forgers was to discredit
vendor-sec.  There's no hard no evidence that there is a systematic
leak (apart from the occasional blunders).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/