Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Fishing for vulnerabilities (Score 1) 103

by kula.shinoda (#21784360) Attached to: Vulnerability Numerology - Defective by Design?

As author of GeSHi I can confirm this is basically how things played out. I sent Secunia a very irate e-mail asking them basically WTF they were smoking, and as far as I can tell they didn't publish a vulnerability for it.

They've tried on other projects I've been on, such as Mahara. They went trolling through the changelogs of old releases for the word 'security', and hit a git commit that fixed security being too tight on something - and sent an automated email saying they wanted more information about the vulnerability so they could put it in their database! They got another irate e-mail about that one.

Secunia, in my experience, are scum looking to justify their existence rather than actually help.

Announcements

+ - Inagural New Zealand Open Source Awards held->

Submitted by
Nigel McNie
Nigel McNie writes "The first ever New Zealand Open Source Awards have just been held in Wellington. These awards recognise achievement across many types of open source use, from government and business through to the project contributors and the communities built on open source technologies. Award winners include Zoomin/ProjectX for their use of OSS in business, VetLearn for OSS use in education and Chris Cormack for his role as a contributor to the Koha Integrated Library System."
Link to Original Source

People will buy anything that's one to a customer.

Working...