Bug#279865: acknowledged by developer (Re: Bug#279865: apache-common: CAN-2004-0940 Vulnerable?)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Helge Kreutzmann wrote:
| Hello,
| On Fri, Nov 05, 2004 at 06:18:12AM -0800, Debian Bug Tracking System wrote:
|
|>Thanks for reporting this twice already. Please before filing bugs you are welcome to check both
|>debian-apache mailing lists and bugs.debian.org/src:apache.
|
|
| I *did* check the bts (though admitingly without using the
| src:-prefix). Sorry to miss #279753. But this one is closed, and I
| assumed to either find an open bug, or an entry in the non-vuln-list.
| Is there a reason #279753 is closed already? If you keep it open, then
| everyone can see that this is being activly worked on. And technically
| speaking, the bug is still open.
Because it has been openly discussed on the mailing list all the security teams are already working
on it. Plus one of apache1.3 maintainer is upstream too and we follow the package closely and
constantly.
Also people should not panic everytime there is security bug. Sid has been fixed in less than a few
hours. woody takes more time and it is always followed by the related DSA if the problem affect a
stable release.
Fabio
- --
Self-Service law:
The last available dish of the food you have decided to eat, will be
inevitably taken from the person in front of you.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBi54PhCzbekR3nhgRArVKAKChFzlwir3v5nU6TUDjcPOu8c7DlwCgg8YY
cmNVSkfCX8e1dNx785axfAk=
=skKx
-----END PGP SIGNATURE-----
Reply to: