AW: Re: [RHSA-2003:279-01] Updated OpenSSH pack ages fix potential vulnerability

[vogt () hansenet com]

>  Various vendors posting to Bugtraq and FD are a good thing IMHO. It's
just
> like replies to a broadcast icmp echo request. Vendors that keep answering
> with reasonnable latency can be trusted. Vendors that only replies to
their
> private network can't be fully trusted by other people. Vendors that don't
> answer can't be trusted at all.

Yes, but maybe we could ask them to use some kind of agreed-upon tag in
the subject lines, so all of the "updated package" announcements can be
filtered into their own folder easily?

That way, we can all be happy.


Tom Vogt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html