Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!think.com!spool.mu.edu!uunet!mcsun!ukc!slxsys!ibmpcug!dylan
From: dylan@ibmpcug.co.uk (Matthew Farwell)
Newsgroups: comp.unix.wizards
Subject: Re: Open Access to Security Info
Message-ID: <1991Jun8.201142.8423@ibmpcug.co.uk>
Date: 8 Jun 91 20:11:42 GMT
Article-I.D.: ibmpcug.1991Jun8.201142.8423
References: <27107@adm.brl.mil> <2201@tharr.UUCP>
Reply-To: dylan@ibmpcug.CO.UK (Matthew Farwell)
Organization: The IBM PC User Group, UK.
Lines: 12

In article <2201@tharr.UUCP> stuart@tharr.UUCP (Stuart Tares) writes:
>It goes on to say that Cert have been given the deatils but have not
>issued a formal warning.  Why not - does it take another sendmail bug to
>appear to let "ordinary" system administrator find out about thebugs ?

I believe CERT don't generally announce bugs until a fix (either source
or a binary patch) is made available.

Dylan.
-- 
Matthew J Farwell: dylan@ibmpcug.co.uk || ...!uunet!ukc!ibmpcug!dylan
	But you're wrong Steve. You see, its only solitaire.