[Development] Proposal: Change Qt's Security Policy to Full Disclosure

Giuseppe D'Angelo dangelog at gmail.com
Fri Oct 19 19:09:54 CEST 2012


On 19 October 2012 17:48, Alexis Menard <alexis at webkit.org> wrote:
>
> Hi,
>
> First you should let more than a day for people to answer.
>
> Secondly I disagree with your statement and using the same link
> (Debian) you sent let me quote something else :

And to add a proper reference other than the FAQ, the Debian
Developers' Reference[1] says:

5.8.5.2. Confidentiality

Unlike most other activities within Debian, information about security
issues must sometimes be kept private for a time. This allows software
distributors to coordinate their disclosure in order to minimize their
users' exposure. Whether this is the case depends on the nature of the
problem and corresponding fix, and whether it is already a matter of
public knowledge.

[1] http://www.debian.org/doc/manuals/developers-reference/pkgs#bug-security

Cheers,
-- 
Giuseppe D'Angelo



More information about the Development mailing list