stephdl
...debian....We will not hide problems....
sme developers are not hiding problems.
They prefer a process whereby security issues can be reported securely, without publicly drawing further attention to the problem(s) & highlighting the fact to thousands of hackers, that sme server may have a security vulnerability.
sme developers prefer to quietly fix the security issue, then publicly announce the bug & release appropriate updated packages at the same time.
That way users can fix their servers before hackers have a chance to gain access via the security bug or issue.
This has been the sme way for many years now, & is a good approach in my opinion.