Posté par Theo sur openbsd-misc…
From: Theo de Raadt
Subject: [BSD-Misc] FreeBSD hiding security stuff
A few FreeBSD developers apparently have found some security issue
of some sort affecting i386 operating systems in some cases.
They have refused to give us real details.
A promise is now being made.
If a bug is found in OpenSSH, which we believe to have security
consequences, we wil inform FreeBSD last.
Fair is fair.
I really wish it was not this way, but after a week of trying to get the
policy to be fixed, we are changing our policy as well.
Without immediate action from them to repair their polcy, and a public
apology for this, that policy will stand.
Perso, je trouve ce comportement (ne pas divulguer des infos sur la sécurité d’un produit) assez puérile.. 🙁