Why did we use this phrase?
justdave at syndicomm.com
Thu Jan 9 09:44:00 UTC 2003
On 1/9/03 9:44 AM +0000, Gervase Markham wrote:
>>>Why did we use that second sentence in our advisory? Taken at its
>>>obvious meaning, it's totally untrue, and it makes us look like clueless
>>>idiots who don't know the first thing about web app security.
>> We didn't.
> Oh. :-) I'm sure I noticed that phrase in one of our drafts. But maybe I
> was hallucinating.
We didn't. Trust me. I went ballistic when I saw Debian's advisory and
went back to check to make sure. :) I raised hell with both them and
SecurityFocus over it (SecurityFocus had that wording on their website as
Dave Miller Project Leader, Bugzilla Bug Tracking System
More information about the developers