Re: php vulnerabilities

To: debian-security@lists.debian.org
Subject: Re: php vulnerabilities
From: Florian Weimer <fw@deneb.enyo.de>
Date: Fri, 24 Dec 2004 00:47:53 +0100
Message-id: <[🔎] 87hdmczidy.fsf@deneb.enyo.de>
In-reply-to: <[🔎] 20041223222239.GC28172@kontryhel.haltyr.dyndns.org> (Jan Minar's message of "Thu, 23 Dec 2004 22:22:39 +0000")
References: <[🔎] 20041221215816.GB3974@khazad-dum.debian.net> <[🔎] 20041222002125.GL14026@mathom.us> <[🔎] 20041222022526.GB14463@khazad-dum.debian.net> <[🔎] 20041222031846.GO14026@mathom.us> <[🔎] 87brcmwhu6.fsf@deneb.enyo.de> <[🔎] 20041222140903.GR14026@mathom.us> <[🔎] 87is6t6lco.fsf@deneb.enyo.de> <[🔎] 20041223180339.GA28172@kontryhel.haltyr.dyndns.org> <[🔎] 877jn83h3j.fsf@deneb.enyo.de> <[🔎] 1218.212.89.97.147.1103837194.squirrel@212.89.97.147> <[🔎] 20041223222239.GC28172@kontryhel.haltyr.dyndns.org>

* Jan Minar:

>> > apt-listbugs only helps if someone else has already burned his
>> > fingers, *and* has filed a bug report with the proper severity and
>> > tags.
>
> You can tell it to install only packages that have been in the archive
> no less than some arbitrary period of time (or maybe not and it could be
> written; I don't use apt-bug).

One of the recent bugs which led to unstable breakage was already
filed, but not with sufficient severity to trigger apt-listbugs. 8-(

apt-listbugs is just kludge, not a real concept you can advertise to
end users, IMHO.  (Of course, the security process as a whole is
nothing but a kludge, but there is little Debian can do about it.)

Reply to:

References:
- Re: php vulnerabilities
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: php vulnerabilities
  - From: Michael Stone <mstone@debian.org>
- Re: php vulnerabilities
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: php vulnerabilities
  - From: Michael Stone <mstone@debian.org>
- Re: php vulnerabilities
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: php vulnerabilities
  - From: Michael Stone <mstone@debian.org>
- Re: php vulnerabilities
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: php vulnerabilities
  - From: Jan Minar <jjminar@FastMail.FM>
- Re: php vulnerabilities
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: php vulnerabilities
  - From: "Christian Storch" <storch@infra.net>
- Re: php vulnerabilities
  - From: Jan Minar <jjminar@FastMail.FM>

Prev by Date: Re: php vulnerabilities
Next by Date: Re: php vulnerabilities
Previous by thread: Re: php vulnerabilities
Next by thread: Re: php vulnerabilities
Index(es):
- Date
- Thread