Bug#129604: general: Social Contract: We Do Hide Problems

To: Anthony DeRobertis <asd@suespammers.org>, 129604@bugs.debian.org
Subject: Bug#129604: general: Social Contract: We Do Hide Problems
From: Michael Stone <mstone@debian.org>
Date: Fri, 25 Jan 2002 11:16:45 -0500
Message-id: <[🔎] 20020125111645.S19778@justice.loyola.edu>
Reply-to: Michael Stone <mstone@debian.org>, 129604@bugs.debian.org
In-reply-to: <[🔎] F1589260-0D0B-11D6-BBF8-00039355CFA6@suespammers.org>; from asd@suespammers.org on Sat, Jan 19, 2002 at 01:39:59PM -0500
References: <[🔎] 20020117180451.GS5977@blimpo.internal.net> <[🔎] F1589260-0D0B-11D6-BBF8-00039355CFA6@suespammers.org>

On Sat, Jan 19, 2002 at 01:39:59PM -0500, Anthony DeRobertis wrote:
> Can't we satisfy not disclosing the vulnerability and letting 
> our users know by doing something like this:
> 
> 	Debian has been informed of a [<<type>>] vulnerability in
> 	<<package>> [by <<someone>>]. We are preparing an updated
> 	package, which will be available from security.debian.org
> 	along with a DSA [on <<date>>].

No. If the information was given in confidence then the recipients
cannot in good conscience disclose *any* of the information. You can
argue the point with those who originated the information, but not those
who received it.

-- 
Mike Stone

Reply to:

Follow-Ups:
- Bug#129604: general: Social Contract: We Do Hide Problems
  - From: "Anthony DeRobertis" <asd@suespammers.org>

References:
- Bug#129604: general: Social Contract: We Do Hide Problems
  - From: Ben Collins <bcollins@debian.org>
- Bug#129604: general: Social Contract: We Do Hide Problems
  - From: Anthony DeRobertis <asd@suespammers.org>

Prev by Date: Re: Help! Can't build a kernel that mounts root on ABIT BP6
Next by Date: Re: Somebody must package djvulibre
Previous by thread: Bug#129604: general: Social Contract: We Do Hide Problems
Next by thread: Bug#129604: general: Social Contract: We Do Hide Problems
Index(es):
- Date
- Thread