[talk] OpenBSD Repremianded for Patching Krack Attacks Vunerability
Franco Fichtner
franco at opnsense.org
Mon Oct 16 09:53:41 EDT 2017
Hi,
> On 16. Oct 2017, at 3:37 PM, Raul Cuza <raulcuza at gmail.com> wrote:
>
> disclosure deadline was around the end of August. As a compromise, I
> allowed them to silently patch the vulnerability. In hindsight this
But, err, it was released on August 30 which matches "end of August":
https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/027_net80211_replay.patch.sig
Agreed pre-CERT/CC disclosure deadline hardly sounds like a compromise
to "allow" "silent" patching.
Cheers,
Franco
More information about the talk
mailing list