[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian: 75 minutes to close a security bug.

"At August 8th, 11:04am (GMT, or Greenwich Time), Debian [5] developer
Erich Schubert reported about a bug [1] in Serendipity [2]. 
According to his blog, it took him 10 minutes to close it, and he
reported it to the guys over at Serendipity.

And at 12:09pm (GMT), another Debian developer named Thijs Kinkhorst had
uploaded a corrected version [3] from upstream to Debian unstable, and
he already found out that Sarge and Etch were not affected.

75 minutes - wow. 
You guys rock. 
As does free software in general.

Update: it’s 21:30 (or 9:30pm) GMT now, and now I also see it in
SecurityFocus. [4] 
Is Free (Libre) Open Source Software cool, or is it cool? 
A turnaround time of some 10 hours only, from discovering to fixing to
reporting to an improved version ready for download, plus a security
warning for all those who care. 

Now that is what I call professional.

We are standing on the shoulders of giants."

Wolfgang Lonien [0]

[0] http://wolfgang.lonien.de/?p=355
[3] http://loeki.tv/log/archives/59-Serendipity-1.1.4-uploaded.html 
[4] http://www.securityfocus.com/bid/25235
[5] http://www.debian.org

Andre Felipe Machado

Reply to: