Gergely Nagy wrote: > > I disagree with t=1, t=1 should be "researcher releases PUBLIC advisory" > > in my opinion. > > So users can flame all distributions for not having a fix available for > a know vulnerability? And especially Debian, because as previously said, > with 11 architectures, it will come out dead last? > > I'd be very pissed if that would be how things work, as I do not want to > let every bugtraq reader try the published exploit BEFORE there is a fix > available. > So in other words, you'd rather they all had their machines vulnerable to potential hackers for a period of time? As a user, I'd rather know about the exploit at t=1, so I can decide whether to shut down that service or not until my software provider of choice have provided updated software. Scott -- Scott James Remnant Have you ever, ever felt like this? Had strange http://netsplit.com/ things happen? Are you going round the twist?
Attachment:
signature.asc
Description: This is a digitally signed message part