-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Garito wrote:
The same question again and again
As a Zope user I prefer to know as soon as possible if Zope has security problems like those
Perhaps the correct way will be to send the problem to the zope people and 2 weeks later then make it public
I think 2 weeks is a very correct period to solve a problem if not, I want to try to solve the problem for myself
But I shout my mouth, sorry Andreas ;)
2008/8/12 Andreas Jung <lists@zopyx.com>
*sigh*
I wished that both exploits were reported to the Zope bugtracker in order to work on solutions before making the exploits public.
Right: we would just like time to investigate the problem so that we can announce the problem and the workaround / hotfix / new releases simultaneously. Two weeks would be longer than I would expect that process to take. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIobSh+gerLs4ltQ4RAor1AJ94e+J6HcSYQbYTNM0x+FhGHiUxygCeMk5N De3Ub0slW6p+DKJh3dRG+a8= =pA6g -----END PGP SIGNATURE-----