[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Known vulnerabilities left open in Debian?

On Mon, Mar 22, 2004 at 09:45:00PM +0100, Jan L?hr wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Greetings,...
> 
> Am Montag, 22. M?rz 2004 21:05 schrieb Matt Zimmerman:
> > On Mon, Mar 22, 2004 at 08:57:26PM +0100, Jan L?hr wrote:
> > > Cron is another example
> >
> > Cron is another example of what?  By all means, please elaborate.
> 
> Of a package of the discussed categorie.

What category is that exactly?  Please explain in detail; I do not know to
what you are referring.

> > > - the be honest, the debian security team seems to be crippled by the
> > > debian release policy.  Because of this policy debian stable is insecure
> > > by definition.
> >
> > If you have concrete information about unfixed bugs, bring it forth.
> > Otherwise this is just more FUD.
> 
> Moz bug 228176 [1] is an example.

We have been over the mozilla situation several times; if you have something
helpful to contribute, I would like to hear it.  Vague allusions to
"insecure by definition" don't fall into that category, though.

-- 
 - mdz
Reply to: