... And, again, this bug was ignored for 4 and a half months, till the vulnerable release went EOL.
Again, "Really _awesome_ security policy guys!" Again, "I'd expect that tactic from MS Windows, not from Ubuntu." I know you guys are manically busy working on new features, I know back- porting security fixes is a right PITA, slow, boring, and what you *don't* want to be spending time on. But by not patching it, you're letting people's data swing free in the breeze, with a documented problem available on the net for exploitation. How can I make you take what's happened here seriously? Post this on my blog, and by extension the Ubuntu UK planet? Post on the general Ubuntu mailing lists? Post any exploits that I help confirm later on cracker forums? Should you take this sort of security hole seriously? Because you obviously haven't. If I knew how this stuff worked, if I was able to learn this stuff myself, I'd try to help fix it. But as it is, my programming knowledge is basic, and I accept the description of myself as "not a natural programmer" as truth. -- LTSPFS security is broken https://bugs.launchpad.net/bugs/133635 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
