[OpenAFS] Re: When to publish security advisories?

Andrew Deason adeason@sinenomine.net
Mon, 18 Apr 2011 09:24:41 -0500

On Fri, 15 Apr 2011 19:24:25 -0400
Jason Edgecombe <jason@rampaginggeek.com> wrote:

> > It may result in many more security advisories, but hey, that's
> > reality.  Not every security advisory is "you must upgrade to fix
> > this _now_!"
> some managers may disagree with that statement.

Not every security issue is "you must upgrade to fix this _now_" for
every site. I don't care about a Linux client module security issue if I
don't have any Linux clients, or (possibly, depending on the
person/site) if I'm the only person using my Linux box.

Andrew Deason