|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: What to do about unfixed vulnerabilities?
From: Bill Sommerfeld (sommerfeld
orchard.arlington.ma.us)Date: Mon Oct 23 2000 - 13:34:37 CDT
- Next message: Hubert Feyrer: "Re: What to do about unfixed vulnerabilities?"
- Previous message: Trevor Johnson: "Re: What to do about unfixed vulnerabilities?"
- Next in thread: Steven M. Bellovin: "Re: What to do about unfixed vulnerabilities?"
- Maybe reply: Bill Sommerfeld: "Re: What to do about unfixed vulnerabilities?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> I agree, however, that the version numbering may be obscure - we should
> perhaps change the vulnerability list to reflect the first version which is
> safe, rather than the last vulnerable version, to make it obvious what's
> going on.
> i.e. pine<4.21nb1, rather than pine<=4.21
agreed, at least when a fixed package exists in pkgsrc; the message
can then say "Versions of the pine package older than 4.21nb1 have a ..."
- Bill
- Next message: Hubert Feyrer: "Re: What to do about unfixed vulnerabilities?"
- Previous message: Trevor Johnson: "Re: What to do about unfixed vulnerabilities?"
- Next in thread: Steven M. Bellovin: "Re: What to do about unfixed vulnerabilities?"
- Maybe reply: Bill Sommerfeld: "Re: What to do about unfixed vulnerabilities?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]