Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 18 Jan 2018 19:23:45 -0500
From: Nicholas Luedtke <nicholas.luedtke@....com>
To: <oss-security@...ts.openwall.com>
Subject: Re: How to deal with reporters who don't want their
 bugs fixed?

On 1/18/2018 5:01 PM, Solar Designer wrote:

> I think "semi-public" is the worst state an issue can be in, making the
> above suggestion the worst of those mentioned in this thread so far.

In my extremely humble opinion, a patched "semi-public" issue is better
than a unpatched private issue that is known to unknown number of people
with unknown intentions.

-Nicholas

Apologies for sending this off list Alexander. 




Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ