How not to respond to a security advisory
Recently, I stumbled across an interesting security advisory by RedTeam Pentesting, that discussed a vulnerability in a few implementations of the BSD securelevel system. There were two different issues, each affecting different implementations. As usual, I carefully read through the advisories trying to understand what sort of impact the vulnerabilities had, how disclosure had been done, and that sort of thing.
Once I got to the "Fix" section of the advisory, something caught my eye immediately. How not to respond to a security advisory | The Register
Back to: PC Security, privacy news