Re: Getting Vendors To Fix Bugs


Ron Natalie (elbereth.rutgers.edu!ron.rutgers.edu!ron@rutgers.edu)
10 Nov 88 13:46:36 GMT


I don't know why you say that. Many of the infected sites had source
for sendmail. As a matter of fact, we had done some local modifications
to it and were mildly familiar with the code and we were still hit.
We were still hit after I had ripped out all the ifdef DEBUG code out
of an earlier release of sendmail due to an even more BLATENT security
bug that the one recently divulged. We got a new release with the earlier
bug fixed and people figured that we didn't need to go to the effort of
ripping all that stuff out again.

-Ron



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:30 GMT