Florian Weimer wrote: > Stephen Stafford <stephen@clothcat.demon.co.uk> writes: > > >> By the way, handling security updates this way conflicts more and more > >> with the Social Contract in its current form. > >> > > > > Didn't we already *have* this flamewar recently? > > Well, that time, it was generally assumed that the Debian won't take > active measures to hide problems from its users. This is no longer > the case. > I don't think we should hide problems. If there's a potential exploit for a server, I want to know about it as soon as the developers do so I can shut down that server until they come up with a fixed version. Just because there isn't a fixed version yet, does not mean that there isn't a fairly knowledgeable hacker who's managed to exploit it. My 2p, anyway. Scott -- Scott James Remnant Have you ever, ever felt like this? Had strange http://netsplit.com/ things happen? Are you going round the twist?
Attachment:
signature.asc
Description: This is a digitally signed message part