One DD replied off-the-list, so I'll quote him without attribution:
> I understand your concern, but practicality is better then theory.
>
> (...) we will get notification when vulnerabilities are exploited, and so we
> get priority.
It's not so theoretical:
"Google is aware that an exploit fo
Dear Diederik,
New code fixes old bugs, but introduces new ones. Then Debian comes in and, at
some point, applies a small portion of those fixes to old code.
My problem is that debian.org/security is not telling you that. People read the
page and get the mistaken impression that all of Debian's
Dear Andrew,
My critique is NOT of how the Debian project manages updates in Stable. It's of
the decision not to inform the users of the inherent limitations of Debian's
approach, which I believe is a violation of the social contract.
Let me make some concrete proposals for debian.org/security
Davide Prina wrote:
> you must understand that who report a security problem can be a different
> person
The point is, to quote the paper:
"a vast majority of vulnerabilities and their corresponding security patches
remain beyond public exposure"
Vulnerabilities are fixed in fresh versions o
Am I really the only one who thinks that it's a direct violation of the social
contract? Of course, I wouldn't expect a commercial entity in Debian's position
to be upfront with their users about the limitations of their product, but
Debian was supposed to be different, was it not?
--
Sent wit
Hello
Let me first say that while my message is critical, Debian is my favorite Linux
distro, and I've used many over many years. The goal of this post is to improve
the way the security information is communicated on debian.org, which I believe
is misleading.
security.debian.org starts off wi
Package: project
Severity: wishlist
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
-> The Packages-Activity
* What exactly did you do (or not do) that was effective (or
ineffective)?
-> I tried to
On 19.04.2012 19:39, Jakub Wilk wrote:
>
> It's not a Debian logo. Not even close.
>
It actually looks the same.
> To avoid further confusion, maybe it'd be a good idea to change our logo
> to something less silly.
>
I like debian logo now.
signature.asc
Description: OpenPGP digital signatur
Hi,
I work for a web hosting site, which gives detailed information about
different services and packages about hosting.
I came across your website : debian.org. And I find it very relevant to my
client's site.
I would like to have your co-operation, which I believe will help us to
increase the
d future Debian releases.
If you have comments or concerns, please let me know!
-- Max AltStaff Software ArchitectChannel Software OperationIntel Corporation
[EMAIL PROTECTED]
Title: On behalf of Max Group Corporation
On behalf of Max Group Corporation, I would like to thank you for
participating in the Max Group B2B eccommerce program.
Your B2B account can now reflect your true cost.
24 / 7 access to your pricing, ( Price set by your Sales Person)
24 / 7 real
PROTECTED]
Please CC your replies to either me or (better) the win32-list.
Thanks for your parience.
Max Berger
e-mail: [EMAIL PROTECTED]
--
XSLT: http://www.xslt.de/ ACPI4Linux: http://phobos.fs.tum.de/acpi/
FBR-Info: http://www.fs.tum.de/FSMPI/ Sysop: http
12 matches
Mail list logo
