On 08/04/14 23:08, G. Schlisio wrote:
Am 08.04.2014 12:04, schrieb Timothée Ravier:
On 08/04/2014 11:52, Allan McRae wrote:
It was public for one day. I added this column in the wiki for tracking the responsiveness of the packagers to handling security issues to see where we can improve.
Ok, I'm adding a note on this and reverting back to ~1d time vulnerable.
the column is clearly named "time vulnerable", which is since march 2012. atm you seem to use it for the "time known" information. maybe add another column then, because a "time vulnerable" of more than 2 years means a totally other severity of such a bug than just a day. i think, this information should be easily visible.
Why? Just list every piece of software since the day it was first released. That would be accurate.