Gentoo Security Team,
On your security web page
(http://www.gentoo.org/security/en/index.xml), you make the following
statement about how you work with vendors in a professional manner: We
work directly with vendors, end users and other OSS projects to ensure
all security incidents are
On Thu, Dec 14, 2006 at 06:39:55PM -0600, [EMAIL PROTECTED] wrote:
Gentoo Security Team,
This statement seems to contrast greatly your practice of not following
a professional responsible disclosure process; particularly, posting a
security issue only 8.5 hours after your initial report was
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200612-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
