On Thu, 2004-08-19 at 09:44, Rui Miguel Seabra wrote: > OT: personally I'm in favour of full disclosure, and I won't reply to > anyone trying to make a thread on this, so don't bother to criticize! Man. Now I *have* to reply. But not to criticize. The reason this is, is to encourage coordinated release across repositories and distros. Each vendor and many package maintainers do have a security list where this is fully disclosed (many are cross community/company.) What you don't want to do is have one launch a fix and have others caught with their pants down when a script kiddie gets hold of it. Full disclosure without full exposure. Heh. Me And Jesse Jackson. --jeremy
