@Matthias Klose: It must be possible to critisize something without being a developer. IMO, it's a breach of trust from a user's perspective. Why?
1. A patch is available for Karmic (and in some ppa's). Even without being a developer, I cannot imagine that it's so difficult to provide a patched version for other Ubuntu versions too. 2. Ubuntu has always been promoted as a safe OS that patches security leaks as fast as possible. But now we have a situation where a package with a serious leak has not been patched for several weeks although it's used by hundreds of thousands of users. 3. Nobody said that you, Matthias, or somebody else is the culprit. But if the Ubuntu Security Team and others are subscribed to this bug which has been open for weeks and there is still no reaction, something is terribly wrong. That's what Pjotr meant when he was talking about a structural problem. Is it a lack of manpower? Considering all these facts, you should not be too astonished that someone who's been a convinced Ubuntu advocate for years is becoming more and more irritated. -- version 1.6.0_15 is available https://bugs.launchpad.net/bugs/409559 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
