Re: Do we need embargoes for GPL compliance issues?
Florian Weimer <firstname.lastname@example.org> writes:
> Do you think Debian should welcome embargoes for GPL compliance issues?
> Security embargoes are a huge pain, but one would hope that GPL
> violations by Linux distributions are much rarer events.
I'm sorry, I think I'm missing some basic context required to make sense
of this question (and therefore I suspect other people on this list are as
What exactly would we be embargoing, and why?
For security embargoes, what we're embargoing is the description of the
vulnerability, and we're doing that to keep attackers from having an
opportunity to write exploits before a patch is released (putting aside
the question of whether this works). I'm having a lot of difficulty
mapping those concepts onto license violations, so I don't understand what
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>