On Wed, Feb 18, 2004 at 09:17:13PM +0100, Florian Weimer wrote: > > Does this mean, that a well known exploit was kept back for nearly three > > weeks, just because some odd vendors were unable to build there kernels in > > time? > > Yes, this is the norm. Debian hides security bugs from its users for > extended periods of time.
And just why do you suppose this happens? Is the Debian security team interested in seeing its users' systems cracked? Or maybe they like knowing something that their users don't know? Or, do you suppose there might actually be a perfectly valid reason to delay the release of this information? noah
pgpeyxPhNtXoJ.pgp
Description: PGP signature
