On Wed, Jan 07, 2004 at 09:52:47AM -0500, Raul Miller wrote: > On Wed, Jan 07, 2004 at 11:28:20AM +0100, Michael Banck wrote: > > We don't provide security support for non-free, to my knowledge. > > Not at the level of main. At what level *do* we provide it? > However, we can be fairly confident that a DD won't introduce a > deliberate security flaw into non-free. How much does that really buy us? Isn't that kind of a cold comfort? It didn't take the introduction of deliberate security flaw into main to disrupt this entire project[1], resulting in a loss of services to the developers that still hasn't been completely rectified, and probably won't be[2]. You can perhaps be forgiving for not noticing this event, given the extent of your level of participation in the Project[3]. [1] http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200311/msg00011.html [2] http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200312/msg00001.html [3] Message-ID: <[🔎] 20040108160339.N28449@links.magenta.com> -- G. Branden Robinson | Q: How does a Unix guru have sex? Debian GNU/Linux | A: unzip;strip;touch;finger;mount; branden@debian.org | fsck;more;yes;fsck;fsck;fsck; http://people.debian.org/~branden/ | umount;sleep
Attachment:
signature.asc
Description: Digital signature