Debian: 75 minutes to close a security bug.
"At August 8th, 11:04am (GMT, or Greenwich Time), Debian [5] developer
Erich Schubert reported about a bug [1] in Serendipity [2].
According to his blog, it took him 10 minutes to close it, and he
reported it to the guys over at Serendipity.
And at 12:09pm (GMT), another Debian developer named Thijs Kinkhorst had
uploaded a corrected version [3] from upstream to Debian unstable, and
he already found out that Sarge and Etch were not affected.
75 minutes - wow.
You guys rock.
As does free software in general.
Update: it’s 21:30 (or 9:30pm) GMT now, and now I also see it in
SecurityFocus. [4]
Is Free (Libre) Open Source Software cool, or is it cool?
A turnaround time of some 10 hours only, from discovering to fixing to
reporting to an improved version ready for download, plus a security
warning for all those who care.
Now that is what I call professional.
We are standing on the shoulders of giants."
Wolfgang Lonien [0]
[0] http://wolfgang.lonien.de/?p=355
[1]
http://blog.drinsama.de/erich/en/security/2007080801-security-issue-in-serendipity.html
[2]
http://blog.s9y.org/archives/178-Serendipity-1.1.4-released,-security-bug-in-entryproperties-plugin.html
[3] http://loeki.tv/log/archives/59-Serendipity-1.1.4-uploaded.html
[4] http://www.securityfocus.com/bid/25235
[5] http://www.debian.org
Regards.
Andre Felipe Machado
http://www.techforce.com.br
Reply to: