On 22 Sep 2005, at 09:36, Dominique Brezinski wrote:

> Yes, I can read it. You know, there are these things called
> vulnerability databases, like OSVDB, which are really good for
> capturing historical information about vulnerabilities. The
> maintainers of such databases cannot be expected to know every
> programming language nor spend the time to read diffs to figure the
> root cause and exact nature of every vulnerability. It would be nice
> if they could, but they cannot. When a vendor or project maintainer
> includes details in vulneraility reports, it is a sort of good will
> towards certain segments of the security community.

There's plenty of discussion on ruby-dev, see [ruby-dev:27251].  But  
since it is Japanese, you may not be able to read it.  Similarly, Guy  
won't have much use of an English description of the vulnerability.

> It is nice to know there is a smart-ass on every list, to be sure.

Please don't call people names, you're just being rude.  I strongly  
urge you to read through the archives before jumping to any  
conclusions, especially when the finest minds on the list don't  
necessarily have perfect English skills.

-- 
Eric Hodel - drbrain / segment7.net - http://segment7.net
FEC2 57F1 D465 EB15 5D6E  7C11 332A 551C 796C 9F04