On Sun, Aug 17, 2008 at 08:00:36PM -0500, Yaakov (Cygwin Ports) wrote: >Before packagers start focusing on 1.7, it appears that we still have a >number of security updates required for the 1.5 tree:
I hate to suggest another mailing list but I wonder if we should have another unarchived, closed list for discussing security issues. The recent setup.exe problem got me thinking that we might need something like this. I'm not suggesting that this email was inappropriate since these are all known issues but maybe another mailing list might help focus on important security issues. Or should we just use this list and not worry about it? cgf