Stefan Hornburg wrote: > The information was already public before the Debian bug was reported, > so the submitter did the correct thing.
Well, I also thought that the posting of mydns-announce is a publication, but then the author told me that I should keep the resonance low for the next days, that's way I reacted in this way. | I'm not going to post the upgrade to Freshmeat or SourceForge for | at least another week or so, so that the mydns-announce subscribers | can upgrade before I end up publicizing the fact that there is a bug | of this type. I did not mention the nature of the bug in the | ChangeLog or anywhere, but I doubt it would take somebody very long to | write an exploit by examining the code changes, etc. Updates to both stable and unstable are already prepared and will be uploaded ASAP. I'm still missing the CAN number, the security team sent a query about it to the ones who found the bug. Kind regards, Philipp Kern
signature.asc
Description: OpenPGP digital signature
