On Wed, 2006-11-01 at 23:30 -0500, Jesse Keating wrote: > On Wednesday 01 November 2006 23:23, Peter Gordon wrote: > > I, for one, think that this is a great idea. Finding and fixing bugs in > > something as critical as the kernel (especially the filesystem code as I > > understand their page) is a definite plus. > > Finding the bugs is great, however reporting security flaws to vendor-sec and > allowing vendors to coordinate in releasing the right fix at the same time is > better for the end users and community. Just dumping a new vulnerability a > day to public space is just creating chaos. Vendors will scramble to fix the > flaw, different patches will be used, updates will be rushed out, etc... Right. I didn't catch that aspect of it. Thanks for the explanation. O:) -- Peter Gordon (codergeek42) GnuPG Public Key ID: 0xFFC19479 / Fingerprint: DD68 A414 56BD 6368 D957 9666 4268 CB7A FFC1 9479 My Blog: http://thecodergeek.com/blog/
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list