[Pkg-mailman-hackers] Bug#339095: Mailman DoS
Lionel Elie Mamane
lionel at mamane.lu
Mon Jan 23 22:11:00 UTC 2006
On Mon, Jan 23, 2006 at 03:05:22PM +0200, Mihai Maties wrote:
> It's quite odd that a bug that old (133 days already) is being ignored and the
> _stable_ version of Debian still contains flaws...
Sorry about that. That bug suffered from a combination of
circumstances creating delay: Not very active Mailman maintainers
first, and then this issue "fell through the cracks" of the security
team, and the Mailman maintainers were not very proactive about
pinging the security team again. They have been pinged by me on 19 Jan
2006, as a reaction to Luciano Bello's mail, and have reacted the next
day; that is three days ago (on 20 Jan 2006). I expect something to
happen soonish.
> Whom do we need to bribe in order for the fix to get into
> sarge/security ?
team at security.debian.org, but please don't be aggressive: Most of the
delay is not their fault. The first time they were contacted about
this was 14 Dec 2005; they let this contact slip and we (Mailman
maintainers) didn't recontact them aggressively (enough?). I presume
they are now working on it; if they forget about us again, feel free
to ping them or remind us to ping them. But right now, only two days
have elapsed since our last message to them; being worried they forgot
about us is premature.
--
Lionel
More information about the Pkg-mailman-hackers
mailing list