Re: Disappointment in security handling in Debian

[Mathieu Dessus <mdessus@free.fr>]

Daniel Jacobowitz wrote:
> 
> On Wed, Jan 31, 2001 at 08:56:24AM +1100, Craig Small wrote:
> > G'day,
> >   I'm writing this to express my frustration at the slowness Debian
> > seems to be afflicted with when it comes to letting people know about
> > our security vulnerabilities and fixes.
> >
> > We seem to be able to find, fix and upload fixed packages quite
> > quickly, however we are usually the last to let others know that they
> > should upgrade to the new packages, making our users unnecessarily
> > vulnerable.
> 
> I beg your pardon?  This isn't the general case at all.  Your example
> is certainly accurate, but to my knowledge lprng is the only thing to
> slip through the cracks that way in a year.  We're often behind with
> fixes in general, but when we post a fix the advisory generally goes
> out the same day!

This is not directly related to this thread, but this post reminds me
that generally the translations pages of Security Information page (
http://www.debian.org/security/ ) are generally not up to date.
And with the automatic switch to the page corresponding to your
languange's preference, I've been fooled several times, thinking that
Debian security was not up to date.

What about adding a link to the original version with an warning or
simply disabling automatic swicthing language for this page ?

---------------------------------------------------------
 Mathieu Dessus                        R&D  CF6 Telindus
     mdessus@free.fr        http://mdessus.free.fr/