3 Mar
2008
3 Mar
'08
4:39 p.m.
Thijs Kinkhorst a écrit :
On Monday 3 March 2008 16:06, Sebastian Mendel wrote:
ups, this was not my aim, i did not want to overhelm you or impose it
i really just wanted to discuss this and fully respect your decisions as release manager and admin (and personal)!
Just for the record (and as a member of the Debian security team): hiding details of a vulnerability hinders those wanting to fix it, while the bad guys indeed have much time and expertise anyway... fully agreed that this is the right choice.
Explaining details can augment the quantity of bad guys ... or help turn a grey guy a bit darker :)
Marc