current-users: Re: NetBSD Security Advisory 2002-009: Multiple vulnerabilities in OpenSSL code

Subject: Re: NetBSD Security Advisory 2002-009: Multiple vulnerabilities in OpenSSL code
To: Ignatios Souvatzis <is@netbsd.org>
From: David Maxwell <david@vex.net>
List: current-users
Date: 08/02/2002 18:30:29

On Fri, Aug 02, 2002 at 10:11:12PM +0200, Ignatios Souvatzis wrote:
> On Fri, Aug 02, 2002 at 03:08:16PM -0400, David Maxwell wrote:
> > On Fri, Aug 02, 2002 at 05:07:53PM +0200, Olaf Seibert wrote:
> > > On Fri 02 Aug 2002 at 09:57:28 -0400, NetBSD Security Officer wrote:
> > > | [-- PGP output follows (current time: Fri Aug  2 17:04:41 2002) --]
> > > | gpg: Warning: using insecure memory!
> > > | gpg: Signature made Thu Aug  1 15:37:30 2002 CEST using RSA key ID F8376205
> > > | gpg: BAD signature from "security-officer@netbsd.org"
> > >        ^^^
> 
> I'd auto-check them if they had proper PGP/MIME headers...

I honestly don't know if I've ever discussed that with the other S-Os.

As far as I can remember, no advisory to date has been issued in a MIME
format. I will check and see if there's a reason for that.

My only guess is that it might have had to do with the general use of
MIME compatible MUAs growing over time, since the NetBSD S-O role began.

-- 
David Maxwell, david@vex.net|david@maxwell.net -->
Any sufficiently advanced Common Sense will seem like magic... 
					      - me