[VIM] Esser quits the PHP Security team

Heinbockel, Bill heinbockel at mitre.org
Thu Dec 14 09:44:45 EST 2006


I don't know if any of you have seen the news, but 
one of the best security researchers, Stefan Esser, 
has quit the PHP Security Team.

While he'll still perform research and produce
advisories, he will no longer coordinate with the
PHP dev team. So this will mean that the PHP
Security Team will be playing catch-up, as Esser's
advisories will most likely not be coordinated with
the release of a patched PHP version.

His resignation apparently has at least something to
do with the disclosure practices and timeline, where the
vendor can stall security advisories by delaying product
patch.

More info here:
http://www.heise-security.co.uk/news/82500
http://blog.php-security.org/archives/61-Retired-from-securityphp.net.h
tml


William Heinbockel
Infosec Engineer
The MITRE Corporation
202 Burlington Rd. MS S145
Bedford, MA 01730
heinbockel at mitre.org
781-271-2615


More information about the VIM mailing list