On Sat, Jan 19, 2002 at 10:24:36AM -0600, Steve Langasek wrote: > It's one thing to keep quiet about a security hole when the information > is already public or there's a known exploit in the wild; and there's > been disagreement in the past over the security team's policy in such > cases of waiting for the build daemons before releasing advisories. We should indeed reconsider that, at least when the problem is already widely known e.g. by a bugtraq posting. But let's discuss that later - we have to release a distribution! > It's another thing to cooperate with those providing us information in > order to ensure they will continue to do so. Well put. Fully agreed Torsten
Attachment:
pgpV5bodNC315.pgp
Description: PGP signature