Re: php vulnerabilities
On Thu, Dec 23, 2004 at 11:01:56PM +0100, Bernd Eckenfels wrote:
In article <email@example.com> you wrote:
IOW, the soaking period is required.
But we don't hide Bugs. And given the voluntary nature of Debian a lot of
fixes just wont happen before the velnerability is widely known, anyway.
Just see the current samba problem.
Who said anything about hiding something? Reread his message.
And besides the openssh disaster I dont see many destructive security
patches, especially not with debians conservative backporting strategy.
Dude, are you reading the thread at all? The backporting is the question