* Bernd Eckenfels: > In article <[EMAIL PROTECTED]> you wrote: >> IOW, the soaking period is required. > > But we don't hide Bugs. And given the voluntary nature of Debian a lot of > fixes just wont happen before the velnerability is widely known, anyway. > Just see the current samba problem.
Sorry for being unclear. The soaking period starts *after* the issue has been published. > And besides the openssh disaster I dont see many destructive security > patches, especially not with debians conservative backporting strategy. That's because the potentially destructive patches simply don't happen. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]