On Mon, 24 Jan 2005 09:58:30 +0100 Xavier-Francois Roblot <[EMAIL PROTECTED]> wrote: | Hi, the last unstable version of evolution 2.0.3-r1 was released to | fix bug #79183 according to the ChangeLog. Since I am a curious guy, I | wanted to have a look at what this bug is. But when I search for it on | bugs.gentoo.org, I get: | | You are not authorized to access bug #79183.
The bug will become open to the public as soon as we're allowed to do so. Lemme explain the issue... A fair number of security bugs come in via VendorSec. VendorSec's policy on security bugs is to keep the bug details secret until all their member distributions have released fixed versions. Gentoo is one of the VendorSec member distributions, and as part of that we have to agree not to publish details of security things we get from them until after the deadline. You could argue that we shouldn't be involved in anything like this, simply on principle. However, given the choice between giving our users secure systems, or not knowing about security bugs *at all* for anything up to several months after RedHat and Debian do, the decision was made to keep certain bugs locked for a while if this was necessary for us to see the bug information. (Note: we also restrict certain devrel bugs. These are to do with Gentoo internal developer management things, and aren't relevant to end users.) -- Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, shell tools) Mail : ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm
pgpsm42y3DQAr.pgp
Description: PGP signature
