On Wed, Jan 31, 2001 at 08:56:24AM +1100, Craig Small wrote: > G'day, > I'm writing this to express my frustration at the slowness Debian > seems to be afflicted with when it comes to letting people know about > our security vulnerabilities and fixes. > > We seem to be able to find, fix and upload fixed packages quite > quickly, however we are usually the last to let others know that they > should upgrade to the new packages, making our users unnecessarily > vulnerable.
I beg your pardon? This isn't the general case at all. Your example is certainly accurate, but to my knowledge lprng is the only thing to slip through the cracks that way in a year. We're often behind with fixes in general, but when we post a fix the advisory generally goes out the same day! Dan /--------------------------------\ /--------------------------------\ | Daniel Jacobowitz |__| SCS Class of 2002 | | Debian GNU/Linux Developer __ Carnegie Mellon University | | [EMAIL PROTECTED] | | [EMAIL PROTECTED] | \--------------------------------/ \--------------------------------/