Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: [suse-security] Security announcements
  • From: Thomas Biege <thomas@xxxxxxx>
  • Date: Wed, 8 Mar 2000 14:35:30 +0100 (MET)
  • Message-id: <Pine.LNX.4.05.10003081423060.2009-100000@xxxxxxxxxxxxxx>

> installation? I believe that the fact security problems could be with held
> from the public for upto a month, because it "seems fair" to the vendor is
> relevent to all those on this list.

(in SuSE's case)
We write a fix right after the bug was dicovered. We send the fix plus bug
description to other vendors.
And gernerally we wait 3-5 days before releasing the advisory.
I think this time is fair for everyone, the users/admins, the programmers
and the vendors.

> What I am planning on doing is talking to a few other people (I've not
> seen any SuSE representative post on this topic, but would be interested
> if they could contact me off list), and as soon as I have the chance

If you want to discuss something, contact us...

Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas@xxxxxxx Function: Security Support & Auditing
"lynx -source | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47

< Previous Next >
List Navigation