Comment 24 for bug 133635

Jordan Erickson wrote:
> Johnathon wrote:
>> ...
>>
>> And, again, this bug was ignored for 4 and a half months, till the
>> vulnerable release went EOL.
>>
>> Again, "Really _awesome_ security policy guys!"
>> Again, "I'd expect that tactic from MS Windows, not from Ubuntu."
>>
>> I know you guys are manically busy working on new features, I know back-
>> porting security fixes is a right PITA, slow, boring, and what you
>> *don't* want to be spending time on. But by not patching it, you're
>> letting people's data swing free in the breeze, with a documented
>> problem available on the net for exploitation.
>>
>> How can I make you take what's happened here seriously? Post this on my blog, and by extension the Ubuntu UK planet? Post on the general Ubuntu mailing lists? Post any exploits that I help confirm later on cracker forums?
>
> One thing is for sure, sarcastic and rude remarks at the people who work
> their asses off to fix this stuff sure isn't a very good method to
> getting it fixed.
>
> Wow. What arrogance. IANAP either, probably have less experience than
> you in the field - but I sure now how to use a bit of elbow grease
> instead of spinning your wheels for everyone to hear to get things
> accomplished.
>

Jordan, That was me trying my best NOT to be rude, and understanding.
I've DONE an SRU patch, and I KNOW how much boring, hard work it is.

I WASN'T saying they're not doing any work, I'm saying that this
security bug slipped through the gaps.

If I COULD learn this language to fix it, I would, but I am a trainee
sysadmin / tech support guy, not a programmer, for a good reason. Take
note of my comment on my technical ability, please.

If you want to have a go at me, my email address is freely available.
Use it.