[Asterisk-Users] NEW Asterisk Security vulnerability report ...
Tilghman Lesher
tilghman at mail.jeffandtilghman.com
Wed Sep 17 19:56:03 MST 2003
On Wednesday 17 September 2003 08:15, Lubomir Christov wrote:
> Hello,
>
> There is a new asterisk vulnerability report at this address:
>
> http://www.securiteam.com/unixfocus/5HP0H1PB5S.html
They lie. My email address is at the top of the cdr_mysql.c source
file, and yet I was never contacted.
> Both fixes was reported and fixed silently.
>
> My question is: Is it possible in the future such a security problems
> to be reported in this mailing list or some other security related
> list?
Sure, why don't you ask the security "researchers" to post the problem
to the -dev list, instead of only on their website (where we get to find
out only long after the fact)?
-Tilghman
More information about the asterisk-users
mailing list