[Haifux] The Heartbeat vulnerability in OpenSSL (and hence ssh/https)

Tzafrir Cohen tzafrir at cohens.org.il
Sun Apr 27 15:12:01 IDT 2014


On Sun, Apr 27, 2014 at 12:17:45PM +0300, Nadav Har'El wrote:
> On Sun, Apr 27, 2014, Tzafrir Cohen wrote about "Re: [Haifux] The Heartbeat vulnerability in OpenSSL (and hence ssh/https)":
> > On Sat, Apr 26, 2014 at 02:20:17PM +0300, Sorana Fraier wrote:
> > > There is now a fork by openbsd people for openssl. It's called libressl.
> > > 
> > > http://www.libressl.org/
> > > 
> > > They crave for more people to help.
> > 
> > Not really. If they wanted more people they wouldn't use the OpenBSD
> > CVS.
> 
> Not everyone has been drinking from the "distributed version-control
> system" coolaid. I agree that CVS should be dropped for Subversion which
> is more-or-less a superset of CVS, but let's not judge them harshly for
> not using Git.

I don't judge them for not using git. I judge them for using CVS.

In fact they clearly state on their page that they're not looking for
code contributions as the code is not ready yet.

-- 
Tzafrir Cohen         | tzafrir at jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzafrir at cohens.org.il |                    |  best
tzafrir at debian.org    |                    | friend


More information about the Haifux mailing list