Re: CERT Vendor-Initiated Bulletin VB-98.04 - xterm.Xaw

From: Perry E. Metzger (perryat_private)
Date: Thu Apr 30 1998 - 15:16:15 PDT

Next message: Kevlar: "Re: Serv-U FTP Exploit?"

Previous message: Theo de Raadt: "Re: CERT Vendor-Initiated Bulletin VB-98.04 - xterm.Xaw"
Maybe in reply to: Aleph One: "CERT Vendor-Initiated Bulletin VB-98.04 - xterm.Xaw"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Theo de Raadt writes:
> What is this.  Is The Open Group now selling security patches only to
> their members?
>
> I asked the XFree86 people.  They have received no communication from TOG
> about this at all.  I think this is extremely bad ethics on the part of
> TOG to publish information on a security problem and then only give fixes
> to people who have given them money.

For once, I agree completely with Theo. It was bad enough that TOG
decided to turn X into proprietary software -- saying that security
patches for back revs are proprietary is nearly unacceptable behavior.

Perry

Next message: Kevlar: "Re: Serv-U FTP Exploit?"
Previous message: Theo de Raadt: "Re: CERT Vendor-Initiated Bulletin VB-98.04 - xterm.Xaw"
Maybe in reply to: Aleph One: "CERT Vendor-Initiated Bulletin VB-98.04 - xterm.Xaw"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:51:54 PDT