Security updates are too slow or none existant
Michael Schwendt
ms-nospam-0306 at arcor.de
Sun Feb 8 18:18:35 UTC 2004
On Sun, 8 Feb 2004 11:20:38 -0500 (EST), William Hooper wrote:
>
> Bart Martens said:
> > No, "testing" is not the place for security updates. When the security
> > updates are released for rh9, the security updates for fc1 should
> > already have gone through "testing", and be released to the public.
>
> Red Hat is part of a number of non-public groups that discus and fix
> security issues. Releasing an update into testing before the issue was
> made public would be irresponsible.
Doesn't apply to Gaim, because the full-disclosure embargo was lifted
on the same day the rh9 erratum was published. Check out the corresponding
bugzilla entry.
--
More information about the fedora-list
mailing list