From owner-freebsd-security Wed Jul 26 12:21: 3 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.gmx.net (pop.gmx.net [194.221.183.20]) by hub.freebsd.org (Postfix) with SMTP id 87CBB37BF49 for ; Wed, 26 Jul 2000 12:20:45 -0700 (PDT) (envelope-from Gerhard.Sittig@gmx.net) Received: (qmail 17898 invoked by uid 0); 26 Jul 2000 19:20:43 -0000 Received: from pc19f5d7b.dip.t-dialin.net (HELO speedy.gsinet) (193.159.93.123) by mail.gmx.net with SMTP; 26 Jul 2000 19:20:43 -0000 Received: (from sittig@localhost) by speedy.gsinet (8.8.8/8.8.8) id TAA27434 for freebsd-security@FreeBSD.ORG; Wed, 26 Jul 2000 19:15:37 +0200 Date: Wed, 26 Jul 2000 19:15:37 +0200 From: Gerhard Sittig To: freebsd-security@FreeBSD.ORG Subject: reporting vulnerabilities (how to ...) Message-ID: <20000726191537.J24476@speedy.gsinet> Mail-Followup-To: freebsd-security@FreeBSD.ORG Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i Organization: System Defenestrators Inc. Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org For those who don't follow bugtraq (that closely): May I attract your attention to the following article? It should be in the archives at securityfocus.com and maybe available at your favourite search engine. ----------------------------------------------------------------- Message-ID: Date: Tue, 25 Jul 2000 11:46:21 -0700 From: Alfred Huger Subject: New reporting service w/ Bugtraq To: BUGTRAQ@SECURITYFOCUS.COM ----------------------------------------------------------------- Since I vaguely remember the "two different kinds of advisories" thread (not that I would like to revive it:) and the most notable idea from it on creating an RFC or a similar template for "how to report these things" (resulting in a probably increased completeness of the report, the report suiting even for automatic processing and undoubtably easier reception for human minds) I feel this could be of interest to whoever was involved in this thread then. I didn't keep track of who made the suggestion. But I'm glad now there's obviously a partner to talk to with very likely open ears for this kind of contributing input. :) I take it that bugtraq is a more promising forum for this due to its cross platform nature. And the securityfocus staff should be more than willing to save their own time, especially when it's about their voluntary service. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message