[arch-security] Openssl flaw
g.schlisio at dukun.de
Tue Apr 8 09:08:23 EDT 2014
Am 08.04.2014 12:04, schrieb Timothée Ravier:
> On 08/04/2014 11:52, Allan McRae wrote:
>> It was public for one day. I added this column in the wiki for tracking
>> the responsiveness of the packagers to handling security issues to see
>> where we can improve.
> Ok, I'm adding a note on this and reverting back to ~1d time vulnerable.
the column is clearly named "time vulnerable", which is since march
2012. atm you seem to use it for the "time known" information.
maybe add another column then, because a "time vulnerable" of more than
2 years means a totally other severity of such a bug than just a day.
i think, this information should be easily visible.
More information about the arch-security