[Haifux] More information about latest OpenSSL/OpenSSH/OpenVPN vulnerabilities?
dotancohen at gmail.com
Wed May 14 16:15:18 MSD 2008
2008/5/14 Eli Billauer <eli at billauer.co.il>:
> What really beats me, is why the original bug (consuming uninitialized
> data) wasn't fixed in the main branch in the first place (which, I
> understand, happened at a later stage) rather than in a local patch.
Debian does not often push patches upstream. This was widely discussed
in the relevant /. article. It's a great read:
http://it.slashdot.org/article.pl?sid=08/05/13/1533212 (as posted
earlier in the thread)
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
More information about the Haifux