How not to respond to a security advisory


Recently, I stumbled across an interesting security advisory by RedTeam Pentesting, that discussed a vulnerability in a few implementations of the BSD securelevel system. There were two different issues, each affecting different implementations. As usual, I carefully read through the advisories trying to understand what sort of impact the vulnerabilities had, how disclosure had been done, and that sort of thing.

Once I got to the "Fix" section of the advisory, something caught my eye immediately. How not to respond to a security advisory | The Register

Linked by shanmuga Thursday, 19th January 2006 8:05PM