From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner+willy=40w.ods.org-S261235AbVAMRGL@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S261235AbVAMRGL (ORCPT <rfc822;willy@w.ods.org>);
	Thu, 13 Jan 2005 12:06:11 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261232AbVAMQmH
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Thu, 13 Jan 2005 11:42:07 -0500
Received: from clock-tower.bc.nu ([81.2.110.250]:34788 "EHLO
	localhost.localdomain") by vger.kernel.org with ESMTP
	id S261233AbVAMQlb (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Thu, 13 Jan 2005 11:41:31 -0500
Subject: Re: Proper procedure for reporting possible security
	vulnerabilities?
From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Florian Weimer <fw@deneb.enyo.de>
Cc: Steve Bergman <steve@rueb.com>,
       Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
In-Reply-To: <87k6qiomhz.fsf@deneb.enyo.de>
References: <41E2B181.3060009@rueb.com> <87d5wdhsxo.fsf@deneb.enyo.de>
	 <41E2F6B3.9060008@rueb.com>
	 <1105457773.15793.28.camel@localhost.localdomain>
	 <87k6qiomhz.fsf@deneb.enyo.de>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-Id: <1105629884.4664.43.camel@localhost.localdomain>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.4.6 (1.4.6-2) 
Date: Thu, 13 Jan 2005 15:36:49 +0000
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

On Mer, 2005-01-12 at 12:33, Florian Weimer wrote:
> vendor-sec's reputation apparently has been damaged in some circles as
> the result of the fake e-matters advisory.  Heise Online also
> suggested that the exploit was leaked from vendor-sec ("a natural
> conclusion").

For someone who has no actual information and is speculating wildly
perhaps. There are very good reasons that those who know something about
it are fairly sure it isnt the case.