-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jan 10, 2017 at 08:49:56AM +0200, Lars Wirzenius wrote:
> Now, it's true that we track security issues in a different, and
> it's private, which is in contradiction to what the social contract
> says:
It's also a service to our users and free
On Tue, Jan 10, 2017 at 07:30:23AM +0100, Moritz Mühlenhoff wrote:
> Scott Kitterman wrote:
> > Has anyone ever seriously questioned the appropriateness of the
> > Security Team's practices based on the Social Contract?
>
> Not in the last 11 years since I'm around. If that
Scott Kitterman wrote:
> Has anyone ever
> seriously questioned the appropriateness of the Security Team's practices
> based on the Social Contract?
Not in the last 11 years since I'm around. If that came up before, Martin or
Wichert should know.
> I don't think we
On Monday, January 09, 2017 09:00:58 PM Russ Allbery wrote:
> Scott Kitterman writes:
> > On Monday, January 09, 2017 07:08:19 PM Sean Whitton wrote:
> >> === BEGIN GR TEXT ===
> >>
> >> Title: State exception for security bugs in Social Contract clause 3
> >>
> >> 1.
Scott Kitterman writes:
> On Monday, January 09, 2017 07:08:19 PM Sean Whitton wrote:
>> === BEGIN GR TEXT ===
>>
>> Title: State exception for security bugs in Social Contract clause 3
>>
>> 1. Debian has a longstanding practice of sharing information about
>>serious
On Monday, January 09, 2017 07:08:19 PM Sean Whitton wrote:
> === BEGIN GR TEXT ===
>
> Title: State exception for security bugs in Social Contract clause 3
>
> 1. Debian has a longstanding practice of sharing information about
>serious security bugs with only the security team. This is so
=== BEGIN GR TEXT ===
Title: State exception for security bugs in Social Contract clause 3
1. Debian has a longstanding practice of sharing information about
serious security bugs with only the security team. This is so that
they can co-ordinate release of the information with other
7 matches
Mail list logo