[Development] Proposal: Change Qt's Security Policy to Full Disclosure
Giuseppe D'Angelo
dangelog at gmail.com
Fri Oct 19 19:09:54 CEST 2012
On 19 October 2012 17:48, Alexis Menard <alexis at webkit.org> wrote:
>
> Hi,
>
> First you should let more than a day for people to answer.
>
> Secondly I disagree with your statement and using the same link
> (Debian) you sent let me quote something else :
And to add a proper reference other than the FAQ, the Debian
Developers' Reference[1] says:
5.8.5.2. Confidentiality
Unlike most other activities within Debian, information about security
issues must sometimes be kept private for a time. This allows software
distributors to coordinate their disclosure in order to minimize their
users' exposure. Whether this is the case depends on the nature of the
problem and corresponding fix, and whether it is already a matter of
public knowledge.
[1] http://www.debian.org/doc/manuals/developers-reference/pkgs#bug-security
Cheers,
--
Giuseppe D'Angelo
More information about the Development
mailing list