oss-sec mailing list archives
Embargoes for secondary issues
From: Florian Weimer <fweimer () redhat com>
Date: Thu, 18 Dec 2014 10:52:38 +0100
Suppose we have an unfixed, public issue, and while working on a fix, other issues in the same code are discovered which are different flaws, but have similar impact than the original issue.
Do we need an embargo for the secondary issues, or can we just make them public immediately? I would strongly prefer the latter.
-- Florian Weimer / Red Hat Product Security
Current thread:
- Embargoes for secondary issues Florian Weimer (Dec 18)
- Re: Embargoes for secondary issues Raphael Geissert (Dec 18)