Hi! I am trying to understand if my organization can rely on the debian security announcement mailing list as only source of security alerts in the future.
This would be very convenient- but the delay that seems to have passed between the original squirrelmail security announcement and the time I received the alert via [EMAIL PROTECTED] is worrying: The Vulnerability seems to have been described a few weeks ago: http://www.squirrelmail.org/security/issue/2005-06-15 The Debian Security Advisory 756-1 is dated July 13th, 2005. I do not want to rude in any way- please try to excuse my way of putting things, but does anybody have a prediction how probable it is for such a thing to happen again? Is there a role/function in debian that is responsible for reviewing bugtraq or similiar sources, and is ensured that this role is fulfilled every day? Or will there be other measures in place to see that security issues are noticed quickly for all packages- even for strange tools that are not used by normal unix-centered developers? Kind regards, Herwig Wittmann -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]