On Sun, 28 Aug 2005, Florian Weimer wrote:
> AFAIK, you can only blame the security team for lack of communication.
nah ... they're doing fine .. to the extent is needed ??
if it's important... they will post dsa ??
> They were ready to upload the packages, but the infrastructure to
> process them wasn't working.
yup
it sems most of the who/what/when/where/why of the infastructure
is a separate issue from "security"
what i think is needed is an automated script that checks
debian against known exploits or a way to verify that
the exploits/vulnerability does not affect debian
- both are non-trivial tasks to and lots
of presumably automated testing and time
c ya
alvin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
