KDE Security Advisory: Konqueror Referer Authentication Leak
Christoph Cullmann
cullmann at babylon2k.de
Thu Jul 31 20:15:45 CEST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 31 July 2003 18:54, Neil Stevens wrote:
> On Thursday July 31, 2003 09:48, George Staikos wrote:
> > On Wednesday 30 July 2003 09:48, Neil Stevens wrote:
> > > I find it unacceptable that packagers two weeks advance notice before
> > > most KDE contributors on bad KDE bugs.
> >
> > That is a false statement. All bugs as such are patched in CVS
> > immediately. Read the commit list and you will see as soon as every
> > other developer and packager can see. That is the first notice.
>
> So why do vendors need alerted then? They get the same commit list.
perhaps because kde developers can keep track of kde development via cvs
commit lists, but not any vendor can keep track of all included software via
such lists, would be a bit much work I guess, considering the amount of
projects included in a normal distribution.
cu
Christoph
- --
Christoph Cullmann
KDE Developer, kde.org Maintainance Team
http://www.babylon2k.de, cullmann at kde.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/KU7EyPjDGePm9UIRAlO9AKCge+XS8vZCMkbod0U+jJOLCOgg0QCeLuoL
JtWfVvQ9j3LVX4NTrUkyTcI=
=EP35
-----END PGP SIGNATURE-----
More information about the Kde-policies
mailing list