[Phpmyadmin-devel] phpMyAdmin 2.11.5 and security announcement
Marc Delisle
Marc.Delisle at cegepsherbrooke.qc.ca
Mon Mar 3 16:39:42 CET 2008
Thijs Kinkhorst a écrit :
> On Monday 3 March 2008 16:06, Sebastian Mendel wrote:
>> ups, this was not my aim, i did not want to overhelm you or impose it
>>
>> i really just wanted to discuss this and fully respect your decisions as
>> release manager and admin (and personal)!
>
> Just for the record (and as a member of the Debian security team): hiding
> details of a vulnerability hinders those wanting to fix it, while the bad
> guys indeed have much time and expertise anyway... fully agreed that this is
> the right choice.
>
Explaining details can augment the quantity of bad guys ... or help turn
a grey guy a bit darker :)
Marc
More information about the Developers
mailing list