Full Disclosure mailing list archives
Re: GUNINSKI THE SELF-PROMOTER
From: "mattmurphy () kc rr com" <mattmurphy () kc rr com>
Date: Sat, 19 Jul 2003 22:43:36 -0400
"guninski () guninski com" wrote:
You may remember that Guninski completely failed to notify the VIM development team of security vulnerabilities in its product, and these were brought up by a third party on VIM-DEV for the first time. I would have understood CC'ing the major security lists with the post *in
addition >>to* vim-dev, as it *is* a public channel.
hey kiddie, you'd better check your facts before spreading misinformation. vim developers and vendor-sec list were notified as it is written in my advisory. it was a long thread with all of them. the advisory quotes solar designer that his distribution is not vulnerable. in addition, later i disclosed to them 2 more bugs in vim. i don't mean that it is necessary to notify the vendors at all, but in
this >case there are a lot of witnesses that i notified vim.
just returning from vacation, shall reply to the others lamers later. georgi
And let's take into account that in hunting through the VIM lists, you find zilch from you. It is pretty incriminating, regardless of the truth behind the matter. So, the communications forum you used to notify them happened to disappear before I conducted my search? Remind me to work on my psychic powers... :-) So, before you use terms like "kiddie", why don't *you* walk a few miles in my shoes... Misinformed, I may be, kiddie, I am not. Regardless of your notifying VIM (as you claim), the parallel still isn't there -- *THAT* was my original point. You whine about two weeks to produce a patch from MS, and then you wait for an open source project to patch a bug for almost a month, they don't even start, and you still praise their project. That's hypocrisy Georgi, no matter what you call it. -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: GUNINSKI THE SELF-PROMOTER, (continued)
- Re: Re: GUNINSKI THE SELF-PROMOTER David R. Piegdon (Jul 15)
- Re: Re: GUNINSKI THE SELF-PROMOTER Valdis . Kletnieks (Jul 15)
- Re: Re: GUNINSKI THE SELF-PROMOTER Dan Stromberg (Jul 16)
- RE: Re: GUNINSKI THE SELF-PROMOTER Andrew Thomas (Jul 16)
- RE: Re: GUNINSKI THE SELF-PROMOTER Melvyn Sopacua (Jul 15)
- Re: GUNINSKI THE SELF-PROMOTER Georgi Guninski (Jul 19)
- Re: GUNINSKI THE SELF-PROMOTER pandora (Jul 19)
- Re: GUNINSKI THE SELF-PROMOTER w g (Jul 19)
- Re: GUNINSKI THE SELF-PROMOTER Troy Solo (Jul 19)
- Re: GUNINSKI THE SELF-PROMOTER Valdis . Kletnieks (Jul 19)
- Re: Vendor v. Open-Source Response (was GUNINSKI THE SELF-PROMOTER) Karl DeBisschop (Jul 20)
- Re: GUNINSKI THE SELF-PROMOTER Georgi Guninski (Jul 20)
- Re: GUNINSKI THE SELF-PROMOTER northern snowfall (Jul 20)
- Re: GUNINSKI THE SELF-PROMOTER Jeremiah Cornelius (Jul 22)
