Mailinglist Archive: opensuse-security (195 mails)
| < Previous | Next > |
Re: [suse-security] SuSE Security Announcement - make-3.77
- From: Andreas Siegert <afx@xxxxxxx>
- Date: Thu, 9 Mar 2000 15:07:39 +0100
- Message-id: <20000309150739.A3373@xxxxxxxxxxxxxxxx>
Quoting Yasholomew Yashinski (yashy@xxxxxxxxx) on Wed, Mar 08, 2000 at 04:06:15PM -0500:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, 8 Mar 2000, Andreas Siegert wrote:
>
> > Could you please stop that useless discussion.
>
> Discussing security announcments is useless discussion? Are you saying
> that on behalf of SuSE?
Discussing security announcements is not useless.
Repeating old discussions without new content is useless.
> What were the results of the bugtraq thread? Exploits are posted there
> as they are discovered. Perhaps if someone (yourself?) would make a stand
> on SuSE's take of the situation, the thread will be ended. In the meantime
> we'll have to debate our opinions which hopefully have some reflection on
> the opinions of SuSE, as the vendor.
> As Linux makes itself mainstream, large corporations have identified
> that, and will have to choose a vendor to use. I believe SuSE to be the
> best option currently, I just hope they can maintain that standpoint for
> me. I would like to present a vendor to my employer that releases bleeding
> edge exploits.
> Calling a client's issues "useless" is hardly a professional way to
> react. I would recommend satisfying the customers needs, and not making
> fun of their issues.
I do not call clients opinions useless. I did not say in any words anything
about release policies. I did not make fun of anyone. Please read what I wrote
exactly.
SuSE, like most vendors does not release exploits. We release warnings as soon
as we can provide our users with a fix or workaround. Sometime this does not
happen as fast as we would like it to happen. But we are only human after all.
cheers
afx
--
SuSE Muenchen GmbH Phone: +49-89-42769-0
Stahlgruberring 28 Fax: +49-89-42017701
D-81829 Muenchen, Germany
May the Source be with you!
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, 8 Mar 2000, Andreas Siegert wrote:
>
> > Could you please stop that useless discussion.
>
> Discussing security announcments is useless discussion? Are you saying
> that on behalf of SuSE?
Discussing security announcements is not useless.
Repeating old discussions without new content is useless.
> What were the results of the bugtraq thread? Exploits are posted there
> as they are discovered. Perhaps if someone (yourself?) would make a stand
> on SuSE's take of the situation, the thread will be ended. In the meantime
> we'll have to debate our opinions which hopefully have some reflection on
> the opinions of SuSE, as the vendor.
> As Linux makes itself mainstream, large corporations have identified
> that, and will have to choose a vendor to use. I believe SuSE to be the
> best option currently, I just hope they can maintain that standpoint for
> me. I would like to present a vendor to my employer that releases bleeding
> edge exploits.
> Calling a client's issues "useless" is hardly a professional way to
> react. I would recommend satisfying the customers needs, and not making
> fun of their issues.
I do not call clients opinions useless. I did not say in any words anything
about release policies. I did not make fun of anyone. Please read what I wrote
exactly.
SuSE, like most vendors does not release exploits. We release warnings as soon
as we can provide our users with a fix or workaround. Sometime this does not
happen as fast as we would like it to happen. But we are only human after all.
cheers
afx
--
SuSE Muenchen GmbH Phone: +49-89-42769-0
Stahlgruberring 28 Fax: +49-89-42017701
D-81829 Muenchen, Germany
May the Source be with you!
| < Previous | Next > |