Re: Known vulnerabilities left open in Debian?
On Mon, Mar 22, 2004 at 09:45:00PM +0100, Jan L?hr wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Greetings,...
>
> Am Montag, 22. M?rz 2004 21:05 schrieb Matt Zimmerman:
> > On Mon, Mar 22, 2004 at 08:57:26PM +0100, Jan L?hr wrote:
> > > Cron is another example
> >
> > Cron is another example of what? By all means, please elaborate.
>
> Of a package of the discussed categorie.
What category is that exactly? Please explain in detail; I do not know to
what you are referring.
> > > - the be honest, the debian security team seems to be crippled by the
> > > debian release policy. Because of this policy debian stable is insecure
> > > by definition.
> >
> > If you have concrete information about unfixed bugs, bring it forth.
> > Otherwise this is just more FUD.
>
> Moz bug 228176 [1] is an example.
We have been over the mozilla situation several times; if you have something
helpful to contribute, I would like to hear it. Vague allusions to
"insecure by definition" don't fall into that category, though.
--
- mdz
Reply to: