New FE vulnerabilities

Jesse Keating jkeating at
Thu Mar 9 20:37:40 UTC 2006

On Thu, 2006-03-09 at 22:14 +0200, Ville Skyttä wrote:
> Why is that?  I would MUCH prefer if discussions would be kept on-list.
> Apologies if this was explained earlier, I missed the first few posts
> here.

I guess it depends on how we use this list.  We may want to ping for
somebody to help with a given package, but not want to have a public
record of the discussion of sensitive matter until such time as updates
are prepared.  I don't want to see this list become a place for hackers
to listen in on what packages are known to be flawed.

> >  I'd MUCH rather see reply-to
> > > NOT get munged and create misfires to the list itself.   I'm sorry your
> > > client doesn't support list-post, perhaps complain upstream?
> >
> > Mine isn't and I'm using thunderbird, which is imho a respectable 
> > client, thus assuming that clients handle reply-list is a wrong assumption.
> The FC4 Evolution I'm using does kind of support it, but the option is
> not very prominently available in the UI.  And because very few lists
> are configured in a way that I need to take special care to get my
> replies to go to the list address, the keyboard shortcut doesn't stick
> very easily in muscle memory. 

It took me VERY little time to get used to <ctrl>l to reply list.  I am
on a LOT of lists and not all are configured the same.  Remembering
<ctrl>l for every list will always do the right thing wrt replying to
the list.  There are other RFE matters against munging the reply-to
headers, but that's an exercise for the bored.  I've voiced my opinion,
others can do the same.

Jesse Keating
Release Engineer: Fedora
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the Fedora-security-list mailing list