Red Hat updates apache, elm, cvs, kdepim
Jason
rohwedde at codegrinder.com
Wed Jan 21 20:52:19 UTC 2004
On Wed, Jan 21, 2004 at 03:20:17PM -0500, Todd wrote:
> Jesse Keating wrote:
> > We should write an advisory that this vul does not effect the
> > releases we support. Thoughts on format?
>
> Doesn't the KDE advisory make that clear enough? Seems like there is
> already more than enough work just to keep up with the known updates.
> If there are folks insisting that the vulnerability affects KDE < 3.1
> then let them do some work to show that and then it might be worth
> looking at.
>
> Putting out advisories that something *isn't* vulnerable seems useless
> at best and confusing at worst. To me anyway. It might be different
> if 8.0 had a vulnerable version and 7.x didn't. Then noting that the
> vuln didn't affect 7.x might be good to do in the advisory for the
> updated 8.0 packages. This case could happen with KDE packages after
> 9 goes EOL in April.
I concur
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20040121/7ca4d533/attachment.sig>
More information about the fedora-legacy-list
mailing list