After some strong words from both sides, Sybase and Next Generation Security Software last week ended their dispute over how much information NGS should be able to release regarding flaws the company found in a Sybase product last year.
Sybase had threatened legal action against NGS last month to prevent the security research company from publishing detailed data about flaws in Sybases Adaptive Server Enterprise—even though the vulnerabilities had already been patched. Sybase maintained that NGS would be violating Sybases license agreement by publishing the information.
In the end, Sybase backed away from its threats, and the two companies issued a joint press release with the technical details of the vulnerabilities.