On Wednesday 01 November 2006 23:23, Peter Gordon wrote: > I, for one, think that this is a great idea. Finding and fixing bugs in > something as critical as the kernel (especially the filesystem code as I > understand their page) is a definite plus. Finding the bugs is great, however reporting security flaws to vendor-sec and allowing vendors to coordinate in releasing the right fix at the same time is better for the end users and community. Just dumping a new vulnerability a day to public space is just creating chaos. Vendors will scramble to fix the flaw, different patches will be used, updates will be rushed out, etc... -- Jesse Keating Release Engineer: Fedora
Attachment:
pgpIKjv9jtmdZ.pgp
Description: PGP signature