Re: Testing request: gnutls update for F19

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2014-03-05 at 15:22 +0800, Ed Greshko wrote:
> On 03/05/14 15:00, Adam Williamson wrote:
> > On Tue, 2014-03-04 at 23:14 -0500, Jonathan Calloway wrote:
> >> Can you please provide direction on how to test this, specifically for this bug?
> >>
> >> Jonathan Calloway
> > Just ensuring it doesn't break any dependent apps would be useful. I
> > don't know offhand how to check the actual vulnerability has been
> > correctly fixed, but as long as the update doesn't actually make
> > anything *worse*, we can't hurt anything by getting it to stable ASAP,
> > and I'm kinda figuring the RH security folks have verified the
> > vulnerability fix already.
> 
> Besides, maybe telling folks who don't know how to exploit the
> vulnerability isn't such a good idea?  :-) :-)

That's 'security by obscurity', which is no security at all in the case
of a publicly disclosed vulnerability. Trying to obfuscate the issue for
some specific sub-culture once a comprehensive public description
available is just silly.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux