[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-promo
Subject:    Re: [kde-promo] Re:  Re:  Re: discussion? where? well, not here...
From:       Dirk Mueller <mueller () kde ! org>
Date:       2002-11-26 23:21:41
[Download RAW message or body]

On Mon, 25 Nov 2002, Neil Stevens wrote:

> OK, so it's your site's policy that security problems don't exist until 
> "security@kde.org" says they exist?  Even when app maintainers warn of 
> them, you won't warn the users?
> 
> Just wait until someone on security@kde.org plants a bug.  Then dot.kde.org 
> won't ever publish the warning.

As Navindra said that he won't answer your mails upon this topic anymore, I 
still don't want to have the thread ended this way, so I want to clarify for 
the record: 

The story Navindra accidentally approved too early (or rather was posted by 
someome else way too early) was faulty and was full of incorrect 
information. It is sensible to not confuse user by telling them bullshit, 
but to investigate the problem and then giving correct and detailed 
instructions for overcoming the vulnerability. 

This BTW also includes a verified fix for the discovered problem(s). 

Due to the maintainers slow response to repeated patch attempts and 
other organisational failures this took way longer than optimal, but it 
was still clearly not part of security@kde.org's intention to slow it down. 

If you still have a problem, Neil, then write personally, because your 
elaborations of ignorance are offtopic on this list. 


-- 
Dirk (received 10 mails today)
 
_______________________________________________
This message is from the kde-promo mailing list.

Visit http://mail.kde.org/mailman/listinfo/kde-promo to unsubscribe, set digest on or \
temporarily stop your subscription.


[prev in list] [next in list] [prev in thread] [next in thread]