-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Garito wrote: > The same question again and again > > As a Zope user I prefer to know as soon as possible if Zope has security > problems like those > > Perhaps the correct way will be to send the problem to the zope people and 2 > weeks later then make it public > > I think 2 weeks is a very correct period to solve a problem if not, I want > to try to solve the problem for myself > > But I shout my mouth, sorry Andreas ;) > > 2008/8/12 Andreas Jung <[EMAIL PROTECTED]> > >> *sigh* >> >> I wished that both exploits were reported to the Zope bugtracker in order >> to work on solutions before making the exploits public.
Right: we would just like time to investigate the problem so that we can announce the problem and the workaround / hotfix / new releases simultaneously. Two weeks would be longer than I would expect that process to take. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 [EMAIL PROTECTED] Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIobSh+gerLs4ltQ4RAor1AJ94e+J6HcSYQbYTNM0x+FhGHiUxygCeMk5N De3Ub0slW6p+DKJh3dRG+a8= =pA6g -----END PGP SIGNATURE----- _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )