[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Lack of update information



Robert Scheck wrote:


Very good question. When asking, I didn't get a real answer. Sometimes, a
public proof of concept exists already. Maybe the intention is, that if
they make the security issue public, the vendors had time to put updated
packages into their systems. Luckily, that doesn't happen all the time, but
only sometimes. If you click through my phpMyAdmin updates, you will find
some bug reports referencing "not yet clearly specified security issue" or
similar things. Much more can a packager not do, I would guess.

Maybe you can take this up to

http://lists.freedesktop.org/mailman/listinfo/distributions

Collectively apply some pressure to upstream or atleast find good consistent workarounds.

Rahul


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]