Marcus Bointon (01.Jul.2017 at 13:30, 45 min)
Talk at Dutch PHP Conference 2017 (English - US)
I'm the maintainer of a very popular open-source PHP package - PHPMailer. In December 2016, two critical remote code execution vulnerabilities were found in PHPMailer, affecting potentially tens of millions of sites. There's a lot that goes on behind a CVE number - I'd been involved in reporting some minor security issues in the past, but nothing of this magnitude, and never at the receiving end, so I found myself at the start of a steep learning curve and an emotional roller-coaster. This is the story.
Quicklink: https://legacy.joind.in/21177
01.Jul.2017 at 14:31 by Mairsil (48 comments)
Very well presented talk about the various things you may have to deal with with a vuln like this. And a few nice useful pointers too.
01.Jul.2017 at 20:06 by Onno Lissenberg (58 comments)
Take my internet points for a job well done :)
01.Jul.2017 at 20:48 by Frits van Campen (30 comments) via Web2 LIVE
I was hoping for an edutaining story and you delivered.
02.Jul.2017 at 09:00 by Peter Lindqvist (18 comments) via Web2 LIVE
Well prepared, well presented talk.
02.Jul.2017 at 21:33 by Peter Meijer (14 comments) via Web2 LIVE
One of the best talks at DPC17.
Good build-up of the story and excellent explanation of what has happened.
03.Jul.2017 at 09:18 by Martijn (15 comments) via Web2 LIVE
This was the second talk I attended from Marcus, and it did not disappoint.
The story itself was entertaining; the speaker gave a personal insight into how the discovery of a security issue itself triggered a whole lot of work and investigation into how to solve it.
Hopefully I won't find myself in a similar situation :)
04.Jul.2017 at 15:13 by Sjoerd Maessen (14 comments) via Web2 LIVE
A very "honest" talk with some interesting points. I liked how you made the talk personal.
01.Jul.2017 at 14:28 by Coen Dunnink (6 comments) via Web2 LIVE
Nice story about a bug and the implications