[ Thanks to Jason
Greenwood for this link. ]
“Several users welcomed the growing willingness of vendors and
security researchers to work together to identify and fix software
vulnerabilities in the wake of last week’s disclosure of a major
hole in a widely used e-mail protocol.“But they also expressed concern over the practice by some in
the security community to release vulnerability information to
certain users before making it available to the public.“Atlanta-based security vendor Internet Security Systems Inc.
(ISS) and Emeryville, Calif.-based Sendmail Inc. last week
disclosed the existence of a major buffer-overflow vulnerability in
the sendmail mail-transfer agent, which handles more than 50% of
all Internet e-mail traffic…”