I'll let someone else explain, and let me be clear: not my bug.

I assume you're referring to the practice of releasing hashes of one's advisory to prove that you discovering it while giving the vendor time to fix their software before disclosing it publicly.

Google doesn't turn up anything for that particular hash, though, nor did I see anything on the Matasano website, but I'm probably looking in the wrong places. I don't claim to be a security researcher, after all, even if I try to keep up to date.

Ouch, that was a bad typo. I meant "discovered" not "discovering" and it's too late to edit.

So why did you say it and direct people to ask researchers what it means, if pretty much no one does?