Computing's article on an OpenSSH flaw
Colin Watson
cjwatson at ubuntu.com
Tue Jul 2 11:12:16 UTC 2024
On Mon, Jul 01, 2024 at 04:40:40PM +0100, Colin Law wrote:
> On Mon, 1 Jul 2024 at 15:43, Ian Bruntlett <ian.bruntlett at gmail.com> wrote:
> > On Mon, 1 Jul 2024 at 14:02, Colin Law <clanlaw at gmail.com> wrote:
> >> Already fixed I think. https://ubuntu.com/security/notices/USN-6859-1
> >
> > Good to know, thank you :)
>
> Such things are usually fixed before we get to know about them. I
> guess the finder lets developers know before making it public.
Indeed, there's typically advance notice both to the upstream
maintainers and to distribution security teams, and for anything
important there's a coordinated release date set to give people time to
prepare. As the relevant Debian package maintainer I got a heads-up a
couple of weeks ago, which is reasonably typical.
--
Colin Watson (he/him) [cjwatson at ubuntu.com]
More information about the ubuntu-users
mailing list