[arch-security] Openssl flaw
G. Schlisio
g.schlisio at dukun.de
Tue Apr 8 09:08:23 EDT 2014
Am 08.04.2014 12:04, schrieb Timothée Ravier:
> On 08/04/2014 11:52, Allan McRae wrote:
>> It was public for one day. I added this column in the wiki for tracking
>> the responsiveness of the packagers to handling security issues to see
>> where we can improve.
>
> Ok, I'm adding a note on this and reverting back to ~1d time vulnerable.
>
the column is clearly named "time vulnerable", which is since march
2012. atm you seem to use it for the "time known" information.
maybe add another column then, because a "time vulnerable" of more than
2 years means a totally other severity of such a bug than just a day.
i think, this information should be easily visible.
More information about the arch-security
mailing list