On 12-06-12 at 02:40am, Thomas Goirand wrote: > On 06/12/2012 02:23 AM, Aron Xu wrote: > > I'm not saying you are disclosing anything, but you are asking if > > someone knows it's in what status publicly in a Debian development > > mailing list. Then this may lead to some disclosing and even mislead > > some other people. Yes there are many people doing tests just like > > you, and they are reporting their results in many ways they prefer. > > But as you are a DD you'd better not ignore our Security Team when > > starting discussion publicly about a security incident your are not > > sure whether it's relevant to Debian. People at Security Team are > > not only responsible for fixing things when it breaks out, but also > > make sure sensitive information is being disclosed in a correct form > > at a correct time. In the end, I believe talking with them > > beforehand is always a right way to do, no matter if Debian is > > affected by this particular issue. > > > > The first time I wrote it, it wasn't clear enough. Maybe writing with > CAPS-ON will help your understanding! :) > > IT HAS ALREADY BEEN MADE PUBLIC (for example: on slashdot) !!! What you asked, and the answer to that question, was not already public. ...or you wouldn't have asked, I hope. ;-) - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Attachment:
signature.asc
Description: Digital signature