I'll quote, again, from the announcement from 8/22:
"These efforts have also not resulted in the discovery of additional security vulnerabilities in packages provided by Fedora."
and then I'll quote from my own blog:
"Just to dispel this concern. Every package we (fedora infrastructure) have installed or updated on a system since the incident occurred is public and available."
Posted Sep 11, 2008 21:08 UTC (Thu) by jake (editor, #205)
> "These efforts have also not resulted in the discovery of additional
> security vulnerabilities in packages provided by Fedora."
Which can be read several different ways:
- we don't know how the intrusion occurred
- we do know, but it wasn't an "additional security vulnerability" in a package that Fedora ships, which leaves packages that Fedora doesn't ship as well as known, but unpatched, vulnerabilities
- probably other interpretations depending on what the meaning of "is" is
I know you are trying to be helpful and you folks don't like this any more than I do, but after almost a month, I think we are due more than lawyer-ese like the above.