[Zope-dev] Resolved security-related collector issues for the public?

[Dieter Maurer]

Maik Jablonski wrote at 2004-1-21 21:20 +0100:
> ...
>My proposal: Can we have a delay for making security-related fixes public?
>Just a month or two or so...

-1

Most of the potential exploits have rather strict requirements
(such as creation of executable content by untrusted users).
Thus, few installations are really affected.

At least I will not upgrade software when I get only a vague
indication about some security fixes (without a clear indication
what security issues are solved).

-- 
Dieter