November is officially renamed as "tick off Dave Jones"...
Peter Gordon
peter at thecodergeek.com
Thu Nov 2 04:40:04 UTC 2006
On Wed, 2006-11-01 at 23:30 -0500, Jesse Keating wrote:
> On Wednesday 01 November 2006 23:23, Peter Gordon wrote:
> > I, for one, think that this is a great idea. Finding and fixing bugs in
> > something as critical as the kernel (especially the filesystem code as I
> > understand their page) is a definite plus.
>
> Finding the bugs is great, however reporting security flaws to vendor-sec and
> allowing vendors to coordinate in releasing the right fix at the same time is
> better for the end users and community. Just dumping a new vulnerability a
> day to public space is just creating chaos. Vendors will scramble to fix the
> flaw, different patches will be used, updates will be rushed out, etc...
Right. I didn't catch that aspect of it. Thanks for the explanation. O:)
--
Peter Gordon (codergeek42)
GnuPG Public Key ID: 0xFFC19479 / Fingerprint:
DD68 A414 56BD 6368 D957 9666 4268 CB7A FFC1 9479
My Blog: http://thecodergeek.com/blog/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20061101/8f3c481e/attachment.sig>
More information about the fedora-test-list
mailing list