[$] Lessons from the linux-distros mailing list

The oss-securitymailing list is specifically set up for reports and discussion of security flaws inopen-source software after their embargo, if any, has expired. But theresponse to a recentreportof the fix for a security flaw in the Linux kernel went in a differentdirection than usual. The report did not break the two-week embargoperiod, instead it was "late", which has highlighted some problems in themanagement of flaws of this nature.