On Thu, Jul 14, 2005 at 05:40:22PM +0200, Herwig Wittmann wrote: > Hi! > > I am trying to understand if my organization can rely on the debian > security announcement mailing list as only source of security alerts in > the future. > > This would be very convenient- but the delay that seems to have passed > between the original squirrelmail security announcement and the time I > received the alert via [EMAIL PROTECTED] is worrying: > > The Vulnerability seems to have been described a few weeks ago: > http://www.squirrelmail.org/security/issue/2005-06-15 > > The Debian Security Advisory 756-1 is dated July 13th, 2005. > > > I do not want to rude in any way- please try to excuse my way of putting > things, but does anybody have a prediction how probable it is for such a > thing to happen again? > > Is there a role/function in debian that is responsible for reviewing > bugtraq or similiar sources, and is ensured that this role is fulfilled > every day? > > Or will there be other measures in place to see that security issues are > noticed quickly for all packages- even for strange tools that > are not used by normal unix-centered developers? > > Kind regards, > Herwig Wittmann
Herwig, I hope this link will help http://newraff.debian.org/~joeyh/stable-security.html Regards, Paddy -- Perl 6 will give you the big knob. -- Larry Wall -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
