Re: Sendmail vulnerability : is Debian falling behind?
It's been discussed plenty on the Debian mailing lists as well
as having the package maintainer give an update on the status of the
packages that are being prepared/ready at this time... Might suggest
checking a bit further before making such a rash judgement on issues
arelady being dealt with...
RedHat and SuSe have commerical money to throw at it... Debian
is run by volunteers... As well RedHat and SuSe do not support nearly as
many platforms as Debian, so it sometimes takes a bit to get all the
packages compiled on all the platforms prior to making an annonouncement
so they are all available...
Jeremy
On Mon, Mar 03, 2003 at 03:17:16PM -0600, Jor-el wrote:
> Hi,
>
> In case noone noticed, news of a Sendmail vulnerability appeared
> on Slashdot. The really interesting piece of the story for me was the
> portion of the blurb with said "...RedHat and OpenBSD have already issued
> patches.....links to an update from SuSE, too".
>
> What about Debian? I just looked at http://security.debian.org and
> see no mention of this vulnerability. I dont use Sendmail myself.
> Nevertheless I am still concerned that the people who notify vendors are
> not notifying Debian ahead of time before vulnerabilities are publicly
> announced. Is that the case? Can someone in the know comment?
>
> Thanks,
> Jor-el
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: