[Haifux] More information about latest OpenSSL/OpenSSH/OpenVPN vulnerabilities?

Dotan Cohen dotancohen at gmail.com
Wed May 14 16:15:18 MSD 2008

2008/5/14 Eli Billauer <eli at billauer.co.il>:
>  What really beats me, is why the original bug (consuming uninitialized
>  data) wasn't fixed in the main branch in the first place (which, I
>  understand, happened at a later stage) rather than in a local patch.

Debian does not often push patches upstream. This was widely discussed
in the relevant /. article. It's a great read:
http://it.slashdot.org/article.pl?sid=08/05/13/1533212 (as posted
earlier in the thread)

Dotan Cohen


A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

More information about the Haifux mailing list