Goswin von Brederlow wrote: > ... >>There certainly have been exceptions to that rule. The maintainer of >>shorewall has been trying for weeks to get a DSA issued about a >>vulnerability, and it seems we have to convince Joey that it *is* a >>vulnerability before he'll issue it. (I don't understand this - how can >>Joey even *try* to understand every security bug?) Repeated attempts to >>communicate this have been met with silence. > > > Think about this: How else can he judge the bug is fixed or not? My point was that it's impossible for one person to understand every security bug in Debian and test that each one is indeed fixed. In my opinion, questioning whether there really is a vulnerability is both arrogant and counter-productive. -- Paul <http://paulgear.webhop.net> -- Did you know? Using HTML email rather than plain text is less efficient, taking anywhere from 2 to 20 times longer to download, and a corresponding amount more space on disk. Learn more about using email efficiently at <http://www.expita.com/nomime.html>.
Attachment:
signature.asc
Description: OpenPGP digital signature