On 03/15/2007 11:04:49 PM, Jeremy Huiskamp wrote:
That's what I was going to say. If you did things properly,
you would have had this patch applied before you knew that it
was a remote hole.
You have a valid point: any bug is a security problem.
However, the topic is not my management practices and
the tradeoffs involved therein. The topic is the
efficacy of the security-announce list. If I knew
security-announce was broken I could write a screen-scraper
to check the errata page for me.
Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
