[Info-vax] DCL vulnerability write up on The Register
Ian Miller
gxys at uk2.net
Thu Feb 8 08:58:54 EST 2018
On Thursday, February 8, 2018 at 1:39:51 PM UTC, Simon Clubley wrote:
> On 2018-02-08, Ian Miller <gxys at uk2.net> wrote:
> >
> > As previously mentioned, VSI have done the right thing after receiving the
> > report of the issue.
>
> No. VSI _Engineering_ have behaved impeccably and very professionally
> throughout all this.
>
> VSI _management_ give the very strong impression of having had to be
> dragged along and to be forced into doing all the stuff around this
> that other vendors do as standard.
>
> I've been talking to Mitre about why the CVE was still marked as reserved.
> It turns out that they were waiting for VSI to put a public announcement
> somewhere that could be included in the CVE.
>
> Usually that's on the vendor's website somewhere but Mitre have now used
> the comp.os.vms posting as well as a couple of other references as VSI
> have not put a public announcement on their website.
>
> The CVE is now available here:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17482
>
> Simon.
>
> --
> Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
> Microsoft: Bringing you 1980s technology to a 21st century world
I see one of the references was me http://www.openvms.org/node/121 :-)
More information about the Info-vax
mailing list