The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: URGENT: libXt problems

> 
> IMHO this must go into 1.3, there is no point doing a release
> containing well-known security bugs of this kind.
> 

Is anyone else shipping a fixed version of this ?

As long as users are aware of the implications, I don't see this as a problem, 
 we can always fix it in 1.3.1.

All the people I support running Linux, either don't run X, or run it in an 
environment where they trust the people they work with (often they are all set 
up with sudo, so why hack X ?) --- Therefore, this bug does not affect any of 
them.

This cannot be unique, so we are depriving a large section of our users 
because some people want to run X in untrusted environments.  I realise this 
is a significant number of people, but why don't we just tell those people 
they will have to wait a couple of weeks, or risk it.

If we delay release every time someone finds something like this we will never 
release it.

Cheers, Phil.

P.S.  Red Hat announced that they have a fix.
      Oh Well, there goes some of my argument :(
I'll mail this anyway to make sure the list is up.





--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .