Quoting "b@rry.co.za" <b@rry.co.za>:
A mistake has happened, been recognised, and guaranteed will be analysed to try and prevent the same mistake from happening again.
Most kids fall off their bucycle at some point. They learn at that point that turning in the sand at high speed is a bad idea and don't do it again (unless the truck they are trying to avoid takes their eyes off the road for a moment).
So all in all, SuSE keep it up, everyone else, shut up, I am getting to see this thread as SPAM in my security mailbox and am sure that while I am only adding to the problem now, hopefully you will all grow up and spend more time fixing your problems than whining because someone else isn't.
Perhaps you haven't had any problems at all, I don't know. But let's take an example that's been biting me: tripwire. When SuSE 9.0 came out, the version of tripwire that came with it didn't work, period. There was more than one discussion on this list and bug reports filed, but nothing happened for months and months. I eventually even had to personally tell the SuSE people at LinuxWorld. A week later it was fixed. OK, that's just one program, but fast forward a few more months: A security problem is found with tripwire. SuSE releases a fix with, you guessed it, the same problem as the original release of tripwire: It will not run. This wasn't a "doesn't work with a particular hardware", it's a "segfaults on every system, every time". I would imagine that the most basic QA is "run the program". Add to this the number of kernel problems people have been having, where a machine simply won't boot, and people have to wonder: Has Novell decided QA isn't worth it? When the response to our query is market-speak drivel, we are only left to assume that the security people have been fired and replaced with PR lackeys. I don't need them to curse, just communicate with us as human beings. Using market-speak on a security forum is just insulting. As I said in my previous post: If SuSE communicates with us, we'll give them every chance. When there's a problem with a patch and it's taking longer than normal, drop a note on the list and let us know what's going on. We'll understand, and heck one of us might just be able to help. We don't like faceless corporations shoveling drivel. We get far too much of that every day here in the USA. Linux's strength is community. The more SuSE acts like part of that community, the more loyal and willing to help all of us will be. This isn't whining, this is telling SuSE how it can be better. Because, you know what, most of us here want SuSE to be better. Lastly, I don't think your suggestion that we're all freeloaders on this list is true. On SuSE-security, you're far more likely to find sysadmins than end users. Sysadmins work for businesses that are willing to spend money. I'm one of them.