Re: [Full-disclosure] [ MDVSA-2013:101 ] lynx

[Peter Thoeny <peter09@xxxxxxxxxx>]

How about a sensible middle ground? Daily batches of MDVSA  
vulnerabilities?

On Apr 10, 2013, at 9:48 AM, Alex wrote:

> I agree! I hate those MDVSA spam!!
>
> On Wed, 10 Apr 2013 17:36:59 +0200, Fabian Wenk <fabian@xxxxxxxx>
> wrote:
> > Hello Erik
> >
> > On 10.04.2013 17:16, Erik Falor wrote:
> > > On Wed, Apr 10, 2013 at 11:44:22AM +0100, Peter W-S wrote:
> > > > Is it really necessary to spam the list with a separate email for  
> > > > every issue you want to report? Perhaps one email a week with a  
> > > > link to the full report would suffice?
> > >
> > > It is necessary.
> > >
> > > Waiting a week for a batched email to find out my software has
> > > vulnerabilities is not acceptable just because some people insist on
> > > reading email on their telephone.
> >
> > If you are using Mandriva, then you could and should subscribe
> > directly to the announce or security mailing list there.
> >
> > I really prefer the step e.g. Ubuntu (and also some other Linux
> > distribution I do not remember) have taken about 2 years ago. They
> > stopped sending out their security announces to Bugtraq and
> > Full-Disclosure. I would be happy if other distributions or projects,
> > with such high volume of announces, would do the same.
> >
> >
> > bye
> > Fabian

--
  * Peter Thoeny     - peter09[at]thoeny.org
  * http://TWiki.org - is your team already TWiki enabled?
  * Knowledge cannot be managed, it can be discovered and shared
  * This e-mail is:   (_) private    (_) ask first    (x) public

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/