On Wed, Jun 05, 2002 at 04:41:39PM -0500, Brooks R. Robinson wrote: > It was not my intention to lead users astray, my intention was to enlighten > people to the fact that testing is, for the most part, not going to change. > The security fixes are flowing into sid. It's not a big trick to get notice > from security-announce and grab a few pacakges from sid in the mean time. > I'll grant that it's not as easy, but doable. Assuming there *is* a mention of the bug on security-announce. What if you're running bind9? You'll see no mention of the remote DoS recently announced, yet it will most definitely affect you if you've chosen to install the package. That's just one example; there are likely to be many more. I think it's harder than you expect. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgp63azV1KZPg.pgp
Description: PGP signature