Date: Sun, 16 Jun 2013 20:50:48 +0200 From: Eitan Adler <eadler@freebsd.org> To: bf1783@gmail.com Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r321045 - head/security/tor-devel Message-ID: <CAF6rxgk1CF9SySZkdKykVvd9M8VfHm2oHvCFKX=zhZ=UznO8hw@mail.gmail.com> In-Reply-To: <CAGFTUwP-_xJUTdj=hr7wM_BV-=Bo%2BktE1ud6s3n1eBizjUH=fQ@mail.gmail.com> References: <201306161247.r5GCloLW020616@svn.freebsd.org> <CAF6rxgm3x4VgGCnWBJC5SanViZuj1ZNQ-qfsZFgwiSmpBkvXuQ@mail.gmail.com> <CAGFTUwPZM4u6LYvx_rsF4My7tHPZKS3V_N2YO7ur29HQyesOsQ@mail.gmail.com> <CAF6rxgnC8hDDwTW9NxqCDs8YEYyFRLzzDm=g=94A5Fn6GdXveA@mail.gmail.com> <CAGFTUwP-_xJUTdj=hr7wM_BV-=Bo%2BktE1ud6s3n1eBizjUH=fQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 16, 2013 at 8:17 PM, b.f. <bf1783@googlemail.com> wrote: > On 6/16/13, Eitan Adler <eadler@freebsd.org> wrote: >> On Sun, Jun 16, 2013 at 4:06 PM, b.f. <bf1783@googlemail.com> wrote: >>> In this case no CVEs were issued >> >> This is odd. > > Not very, when you consider that this is development code, and not a > stable release. It would be absurd to think that every developer goes > running to a CNA every time they find any problem in their repository. CVEs are given for beta releases (see CVE mailing lists for details). I don't think debating this point is very important. > Not > every bug is found, fewer still are disclosed, and even fewer are > reported to a CNA and given a CVE-ID. Agreed > The Tor developers are very conscientious when it comes to reporting > bugs, even ones that are unlikely to be exploited. They often fix and > report problems that would go undetected or undisclosed in other > projects. But only some of the most serious bugs are reported by the > project or by others to a CNA. Understood. Back to the point at hand, I do think this should be documented in VuXML. -- Eitan Adler Source, Ports, Doc committer Bugmeister, Ports Security teams
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgk1CF9SySZkdKykVvd9M8VfHm2oHvCFKX=zhZ=UznO8hw>