Re: Advisory for perl webserver

From: neme-dhcat_private
Date: Thu Apr 26 2001 - 07:53:23 PDT


    Hi,
    
    I e-mailed them a week before I sent the advisory out: 2 weekend days and
    5 work days.
    Even if there has been a limited distribution, it IS in use apparently which
    is enough for me to want to publish it. How common the problem is or in
    what state the software is should not be the issue. The issue is if the
    bug is there. How would you like it
    if your twang doodle daemon had a bug but just because it wasn't common
    enough it wasn't reported. Someone else finds out about it and exploits
    your server. It is not fun.
    
    greetz,
    nemesystm
    At Tue, 24 Apr 2001 17:18:02 -0500, "NESTING, DAVID M (SBCSI)" <dn3723at_private>
    wrote:
    
    >
    >Do we really need to be seeing advisories on alpha versions of software
    >that is under active development?  This is hardly a production-quality
    >application and even their own download statistics show that its
    >distribution has been very limited.
    >
    >Furthermore, I don't see a bug report entry in their SourceForge project.
    >You did report this to them before you sent it to BugTraq, yes?
    



    This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 17:44:26 PDT