[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: DSA 438 - bad server time, bad kernel version or information delayed?

Florian Weimer <fw@deneb.enyo.de> writes:

> Jan Lühr wrote:
>
>> Does this mean, that a well known exploit was kept back for nearly three 
>> weeks, just because some odd vendors were unable to build there kernels in 
>> time?
>
> Yes, this is the norm.  Debian hides security bugs from its users for
> extended periods of time.

Yes but this have a reason. Before upload a fix this need be available
in all supported archs and tested since major or users install it
trusting Debian Security Team and 'cause of this, should not fail ;-)

-- 
        O T A V I O    S A L V A D O R
---------------------------------------------
 E-mail: otavio@debian.org      UIN: 5906116
 GNU/Linux User: 239058     GPG ID: 49A5F855
 Home Page: http://www.freedom.ind.br/otavio
---------------------------------------------
Reply to: