[Mailman-Users] any info on this reported exploit?

Jim Popovitch jimpop at yahoo.com
Fri Jan 27 22:14:56 CET 2006


Jim Popovitch wrote:
> Brad Knowles wrote:
>> At 3:41 PM -0500 2006-01-27, Jim Popovitch wrote:
>>
>>>>  5.  Security patches are asynchronous, like earthquakes, they happen
>>>>   when they happen.
>>>
>>>  Very bad analogy.  Hurricanes would be better.  There is plenty of
>>>  potential for user-base warning before a patch is to be released.
>>
>>     No, Stephen was right -- the model is Earthquakes.  
> 
> No, Stephen specifically said "Security patches".  Patches don't 
> materialize overnight and surprise *everyone*, sadly just the users.
> 

Let me add that this whole issue is getting clouded by side comments 
unnecessarily.  No one is challenging the skill or capability of the MM 
developers, so there is no need to keep bringing up the pace/rate they 
work.  Secondly, no one is saying "give us the keys to the kingdom", 
what I am saying is please keep us informed about what is coming down 
the pipe.  I don't need specifics or details, just info I can use to 
plan/schedule.  Simply put, don't surprise us with patches/fixes 
(critical or not).  Nothing more, nothing less.

-Jim P.







More information about the Mailman-Users mailing list