Dear BUGTRAQers, Software vulnerability reporting process is a topic that is vividly debated. Now you have an opportunity to share your experiences and express your worries on the issue anonymously - by taking part in the OUSPG research on vulnerability reporting. I am doing a survey that is targeted to vendors who receive bug reports, to coordinators of the reporting process (e.g. mailing list moderators and national CERTs), and to reporters of software vulnerabilities. So, if you do any of these, you are the right person to answer. Even if someone from your organization already has answered or is going to answer to this survey, I would still appreciate getting to know your personal opinions as well. More information and the links to the questionnaires can be found at: https://www.ee.oulu.fi/research/ouspg/reporting/q-form/ All answers are anonymous. The results of the survey will be published on the OUSPG's WWW-pages by the end of this year. I cannot do this without your help! ;) /Tiina Havana - OUSPG PS: We maintain a link list about discussions on vulnerability reporting: http://www.ee.oulu.fi/research/ouspg/sage/disclosure-tracking/
