[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: on potato's proftpd

On Wed, Apr 03, 2002 at 03:22:39AM +0200, martin f krafft wrote:
> they really weren't intended to be flames. i am sorry if they felt
> that way. i am really just trying to be concise since i don't have
> much more to say than i did.

Personally I do not think you flamed, and your points are very valid. I have
my problems with how testing/unstable is managed (security wise) but I
understand that there is a good reason for this, but I dont think that we
should hold back temporary fixes, or even partial ones (for example if a fix
is not recompiled on all architectures right on time).

In the current example, the fact that the libc globbing patch did not help
the DOS attack to proftp is well known for a few weeks, and we still refuse
to fix it with an easy temporary solution, or even update the advisory.

Greetings
Bernd


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: