Why did we use this phrase?
David Miller
justdave at syndicomm.com
Thu Jan 9 09:44:00 UTC 2003
On 1/9/03 9:44 AM +0000, Gervase Markham wrote:
>>>Why did we use that second sentence in our advisory? Taken at its
>>>obvious meaning, it's totally untrue, and it makes us look like clueless
>>>idiots who don't know the first thing about web app security.
>>
>> We didn't.
>
> Oh. :-) I'm sure I noticed that phrase in one of our drafts. But maybe I
> was hallucinating.
We didn't. Trust me. I went ballistic when I saw Debian's advisory and
went back to check to make sure. :) I raised hell with both them and
SecurityFocus over it (SecurityFocus had that wording on their website as
well).
--
Dave Miller Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/ http://www.bugzilla.org/
More information about the developers
mailing list