Re: Debian security being trashed in Linux Today comments
Adam Warner <lists@consulting.net.nz> writes:
> http://www.linuxtoday.com/news_story.php3?ltsn=2002-01-14-002-20-SC-DB
>
> Someone with better knowledge of all the facts might want to comment on
> the claim that "Debian is always the last to fix security holes" and the
> tag team follow up "I've been fighting for months now to try to convince
> them to release an advisory or fix for ftpd..."
Of course, libc problems are a bit unfair for comparison. Red Hat
runs the official CVS repository, and they probably knew about the
problem by mid-November or something like that (the fix was committed
on 2001-11-29, IIRC).
--
Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
Reply to: