Re: [pgsql-advocacy] MySQL worm attacks Windows servers
| От | Jan Wieck |
|---|---|
| Тема | Re: [pgsql-advocacy] MySQL worm attacks Windows servers |
| Дата | |
| Msg-id | 420638CA.8030601@Yahoo.com обсуждение исходный текст |
| Ответ на | Re: [pgsql-advocacy] MySQL worm attacks Windows servers (Peter Eisentraut <peter_e@gmx.net>) |
| Ответы |
Re: [pgsql-advocacy] MySQL worm attacks Windows servers
|
| Список | pgsql-general |
On 1/30/2005 10:18 AM, Peter Eisentraut wrote: > Dawid Kuroczko wrote: >> I think it is in good taste that when you find a >> bug/vulnerability/etc first you contact the author (in this case: >> core), leave them some time to fix the problem and then go on >> announcing it to the >> world. > > In this case, core is not the author of the object in question. And of > course, to report a "bug/vulnerability/etc" you would write to > pgsql-bugs, not core. > No, Peter. Posting a vulnerability on a public mailing list "before" there is a known fix for it means that you put everyone who has that vulnerability into jeopardy. Vulnerabilities are a special breed of bugs and need to be exterminated a little different. Jan -- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #================================================== JanWieck@Yahoo.com #
В списке pgsql-general по дате отправления: