ESNC:  Vulnerability Timeline




               2016





               Aug19.         PwC contacted


               Aug 22         Meeting with PwC, informed them about the
                              impact and the details of the vulnerability and

                              responsible disclosure


               Sept 05  Asked PwC about updates and whether a patch is

                              available

               Sept 13  Received a Cease & Desist letter from PwC lawyers


               Nov 18  Informed that 90 days have passed and ESNC is

                              planning to release a security advisory; asked for
                              any details PwC can share about this matter

                              including risk, affected versions, how to obtain a

                              patch


               Nov 22  Received another Cease & Desist letter from PwC
                              lawyers


               Dec 07         Public disclosure


                                                                         (Source ESNC)