"Karl O. Pinc" <[EMAIL PROTECTED]> writes: > On 03/15/2007 11:04:49 PM, Jeremy Huiskamp wrote: > > > That's what I was going to say. If you did things properly, > > you would have had this patch applied before you knew that it > > was a remote hole. > > You have a valid point: any bug is a security problem. > However, the topic is not my management practices and > the tradeoffs involved therein. The topic is the > efficacy of the security-announce list. If I knew > security-announce was broken I could write a screen-scraper > to check the errata page for me.
Any bug is a security problem. Let's forward source-changes to security-announce. //art