> Does anyone know where to send citrix bug reports? Citrix prefers official support to go through either a channel reseller (CCA/CCEA's at VARs can open calls), or direct calls from someone with a support contract. support@ and security@ are valid email addresses at Citrix, but seldom responded to IME. For general issues/bug reports, Citrix will direct you to their public support forum: http://ctxex10.citrix.com/icaforum.nsf/($All)?OpenView <*personal experiences w/Citrix*> I ran into several security quirks regarding application authentication issues while beta-testing nFuse, and had no luck getting Citrix support to address them, other than open a case and never respond. FWIW, I was at a Citrix VAR at that time and had direct support, and still made no difference. I have not used nFuse since it went 1.0, so I can provide no further input. You can contact their support directly at: 800-424-8749 if you wish to pursue further; YMMV. I called Citrix support directly on this tonight and could find no one who had an answer on what to do with a vulnerability disclosure, other than posting it in their public forums. I got transferred until disconnected, called back, and was then put on hold for over 30 mins until I hung up. That's all the effort I'm willing to put out for them. Good luck; responsible reporting. Arian J. Evans Citrix CCA Winframe, Metaframe and other sheepskins
This archive was generated by hypermail 2b30 : Wed Mar 20 2002 - 23:51:49 PST