[$] Lessons from the linux-distros mailing list

Post Syndicated from original https://lwn.net/Articles/874069/rss

The oss-security mailing list is specifically set up for reports and
discussion of security flaws in open-source software after their embargo,
if any, has expired. But the response to a recent report of the fix for a
security flaw in the Linux kernel went in a different direction than usual.
The report did not break the two-week embargo period; instead, it was
“late”, which has highlighted some problems in the management of flaws of
this nature.