[Phpmyadmin-devel] phpMyAdmin 2.11.5 and security announcement

Marc Delisle Marc.Delisle at cegepsherbrooke.qc.ca
Mon Mar 3 16:39:42 CET 2008


Thijs Kinkhorst a écrit :
> On Monday 3 March 2008 16:06, Sebastian Mendel wrote:
>> ups, this was not my aim, i did not want to overhelm you or impose it
>>
>> i really just wanted to discuss this and fully respect your decisions as
>> release manager and admin (and personal)!
> 
> Just for the record (and as a member of the Debian security team): hiding 
> details of a vulnerability hinders those wanting to fix it, while the bad 
> guys indeed have much time and expertise anyway... fully agreed that this is 
> the right choice.
>

Explaining details can augment the quantity of bad guys ... or help turn 
a grey guy a bit darker :)

Marc




More information about the Developers mailing list