Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: [suse-security] Aliases...
  • From: cogNiTioN <cognition@xxxxxxxxxxx>
  • Date: Fri, 3 Mar 2000 15:37:54 +0000 (GMT)
  • Message-id: <Pine.LNX.4.10.10003031528450.3066-100000@xxxxxxxxxxxxxxxxx>
On Fri, 3 Mar 2000, Francisco M. Marzoa Alonso wrote:

> [...]
> Ok, enough is enough, perhaps Jussi shouldn't wonder about what
> cognition (i prefer real names too but...), does with his time, but fuck
> you it's never a constructive answer for nothing.

A discussion with someone who has already written you off because of your
name is also rarely constructive. The only way that there is maybe scope
to be constructive is to aid in the abolition of the predudice.

> *JUST MY* opinnion:
> If you're able to release a good patch (or a workaround at least), for
> your reciently discovered security bug, then you should publish it, if
> not, *I* think that's better ask anyone who can release it before
> publishing the information, there's a lot of badhands out there awaiting
> for that kind of data.

I like the idea previously suggested; Have a two stage advisory release,
where the first advisory warns about the presence of the problem, what it
affects and it's severity, released as soon as the problem is discovered,
and then the next one is released when the patch is avaliable, and
contains full details about the problem, exploit, patch, etc.

> That's it. No need more lines saying dirty things about the mother of no
> one... :)
> Have a good one everybody.

Will do, thanks.


< Previous Next >
List Navigation