On Fri, Jul 29, 2011 at 11:46 AM, Ware, Ryan R <[email protected]>wrote:
> On 7/28/11 10:04 PM, "Timo Härkönen" <[email protected]> wrote: > > >On Fri, 2011-07-29 at 07:52 +0300, Zhou, JieX A wrote: > >> Hi all, > >> > >> There is no scrub meeting for bugs assigned to > >> [email protected] today. > >> > >> By our last scrub meeting, all the open bugs assigned to this account > >> have been scrubbed and now all these bugs have been updated > >> accordingly. And by now, there are still 5 open bugs waiting for > >> further action: > > > ><snip> > > > >I don't know how good idea it is to copy-paste descriptions of security > >bugs here. Those have limited access in bugzilla for a reason. > > Yes Please! Now we've announced to the world that MeeGo is vulnerable to > CVE-2010-3879 and CVE-2011-0640 and that we have no current fix for it. > > Security bugs are private for a reason. well, it's worth remembering they're not really that private no matter what their bz status may be, especially once a CVE is issued.
_______________________________________________ MeeGo-dev mailing list [email protected] http://lists.meego.com/listinfo/meego-dev http://wiki.meego.com/Mailing_list_guidelines
