U++ forum: Welcome to the forum

Search on this site

Search in forums

Home » Community » Coffee corner » About Linux distros and incompatibilty...

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Final release [message #17033 is a reply to message #17031]

Fri, 25 July 2008 21:04

guido
Messages: 169
Registered: April 2006

Experienced Member

Zardos wrote on Fri, 25 July 2008 20:35

You have to wait for the mercy of the god like package maintainers until you can get an update

Not god like, rather like wardens.
People with no real skills in position of relative power.
The claim is added value by enhanced security and "integration".
How well that works we recently saw with the schmuck, who maintains openssl in Debian. He observed uninitialized memory in valgrind. Then went on to comment out the code responsible, with no idea what it does and no upstream talkback. Thereby leaving any Debian server exposed to be be hacked in minutes, for years.
He had removed the entropy gatherer of the ssl key random number generator, reducing the factual range of keys to like 32k.

[Updated on: Fri, 25 July 2008 21:05]

Report message to a moderator

[Message index]

		About Linux distros and incompatibilty... By: guido on Thu, 24 July 2008 21:42
		Re: Final release By: mdelfede on Thu, 24 July 2008 22:46
		Re: Final release By: Zardos on Thu, 24 July 2008 22:53
		Re: Final release By: unodgs on Thu, 24 July 2008 23:16
		Re: Final release By: unodgs on Thu, 24 July 2008 23:30
		Re: Final release By: Zardos on Thu, 24 July 2008 23:57
		Re: Final release By: mdelfede on Fri, 25 July 2008 00:14
		Re: Final release By: guido on Fri, 25 July 2008 20:36
		Re: Final release By: mdelfede on Sat, 26 July 2008 19:05
		Re: Final release By: cbpporter on Fri, 25 July 2008 17:16
		Re: Final release By: Zardos on Fri, 25 July 2008 20:35
		Re: Final release By: guido on Fri, 25 July 2008 21:04
		Re: Final release By: mdelfede on Sat, 26 July 2008 19:25
		Re: Final release By: mdelfede on Sat, 26 July 2008 21:07
		Re: Final release By: unodgs on Sat, 26 July 2008 22:54
		Re: Final release By: mdelfede on Sun, 27 July 2008 14:47
		Re: Final release By: mirek on Sun, 27 July 2008 09:01
		Re: Final release By: mdelfede on Sun, 27 July 2008 14:56
		Re: Final release By: mirek on Sun, 27 July 2008 16:48
		Re: Final release By: cbpporter on Sun, 27 July 2008 17:50
		Re: Final release By: mdelfede on Sat, 26 July 2008 19:29
		Re: Final release By: emr84 on Sun, 27 July 2008 03:43

Previous Topic:	UPP SW deployment
Next Topic:	Win32 UPP console application profiling? Some free easy to use tools, anyone?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Thu Apr 25 14:32:36 CEST 2024

Total time taken to generate the page: 0.02398 seconds