On Wednesday 07 July 2004 18.28, Matt Zimmerman wrote: > On Wed, Jul 07, 2004 at 01:17:01PM +0200, Jeroen van Wolffelaar wrote: > > On Wed, Jul 07, 2004 at 02:49:54AM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
> > > Why does the security team have to do this? Anybody can do it. > > Not without spending lots of time crawling through security lists, > > CAN/CVE's, bugtraq, verifying whether debian has the offending > > version, etc. > How do you think the security team does it? We do not have a magic > filter which shows us only issues which affect Debian stable; this is > all done by hand. I think Jeroen is thinking about security problems the security team already knows about but has not yet had time to handle (and which have already been made public somewhere else.) Stupid if somebody has to search the sources *again* if the security team already has the information. greetings -- vbi -- featured product: SpamAssassin - http://spamassassin.org
pgpXqgOaGf4BX.pgp
Description: signature