User: Password:
Subscribe / Log in / New account

Re: Releases for recent security vulnerability

From:  Brian Curtin <>
To:  Gustavo Narea <>
Subject:  Re: Releases for recent security vulnerability
Date:  Fri, 15 Apr 2011 07:30:54 -0500
Message-ID:  <>
Archive-link:  Article

On Apr 15, 2011 3:46 AM, "Gustavo Narea" <> wrote:
> Hi all,
> How come a description of how to exploit a security vulnerability
> comes before a release for said vulnerability? I'm talking about this:
> My understanding is that the whole point of asking people not to
> report security vulnerability publicly was to allow time to release a
> fix.

To me, the fix *was* released. Sure, no fancy installers were generated yet,
but people who are susceptible to this issue 1) now know about it, and 2)
have a way to patch their system *if needed*.

If that's wrong, I apologize for writing the post too early. On top of that,
it seems I didn't get all of the details right either, so apologies on that
as well.

(Log in to post comments)

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds