--2oS5YaxWCcQjTEyO
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Pavel Cahyna wrote:
> Isn't it funny that a confidential bug report was sent to a public
> mailing list?

Not really but it's also pretty naive to send something considered being
confidential in an unencrypted mail. This bug/problem (or whatever it is)
has been known for a long while and reported several times. Just use
Google groups and search for "confidential: yes" "netbsd" to find a whole
bunch of such PRs. There's an open PR for it. However, I think the
"Confidential" tag should simply be removed and replaced with a comment to
send such PRs encrypted to the security officer instead.
BTW, I don't think bugs concerning only -current should ever be considered
"confidential". Either you're prepared for the apocalypse or you use a
stable release - JMHO.

--=20
Christian

--2oS5YaxWCcQjTEyO
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)

iD8DBQFBChxi0KQix3oyIMcRAgOlAJwNuygU/+pxTdgiWUIP9eREFpwtvwCgjLK5
uQ6GC3yAlNXrO6qv9aFGssE=
=4vDc
-----END PGP SIGNATURE-----

--2oS5YaxWCcQjTEyO--