Why did we use this phrase?

David Miller justdave at syndicomm.com
Thu Jan 9 09:33:17 UTC 2003


On 1/9/03 9:30 AM +0000, Gervase Markham wrote:

> Why did we use that second sentence in our advisory? Taken at its
> obvious meaning, it's totally untrue, and it makes us look like clueless
> idiots who don't know the first thing about web app security.

We didn't.

Debian took it upon themselves to rewrite our advisory and everyone else
has been copying theirs.

Both Debian and SecurityFocus have already issued corrections at my
request.  But it's too late for everyone who already copied it.
-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/



More information about the developers mailing list