On Tue, Jun 12, 2012 at 02:23:47AM +0800, Aron Xu wrote: > sure whether it's relevant to Debian. People at Security Team are not > only responsible for fixing things when it breaks out, but also make > sure sensitive information is being disclosed in a correct form at a > correct time. In the end, I believe talking with them beforehand is > always a right way to do, no matter if Debian is affected by this > particular issue.
Coordinated disclosure is irresponsible, and we shouldn't do it. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120611183902.ga3...@scru.org
