Package: www.debian.org Severity: serious The header of the security page explains Debian's consideration of security issues and mentions an average security issues response time under 48 hours.
I am certainly not the first person to notice this, but I have seen nothing about this issue since months. If someone doesn't agree that this is an order of magnitude too optimistic, I'll point to http://lwn.net/Articles/149976/ Note that I'll be happy to compile stats verifying whether the 48 hours response time is right if somebody can provide a method they think would prove it right. I make this a serious bug to get attention. Whatever happens to this bug's severity, I would really appreciate this issue to be treated. It's OK to have perhaps an underoptimal security infrastructure, as long as this is acknowledged and that there's no false claim about it. Actually, "Debian takes security very seriously." is just a questionable statement, but giving a statistic that wrong about it just kills credibility. Keep in mind, those two sentences are probably the first ones someone Google-ing for "Debian security" will read. Suggested fix : remove the two first sentences, at least the second. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
