Entries tagged as ouch
bugs argh code dsa esr fetchmail frustration heise ntp opera php rant releases security software suhosin web www 25c3 alerts analysis annouce arm attacks awards backdoor browser ccc congress comments companies compromises conferences config configuration convtroversy cracking ctf data mining debian distributors documentation dos email errm? exim exploit fail fail2ban fefe femtocell firefox flagseverywhere flame fun google gpg gsm hacking hacks irc javascript key transition linux mail mobile mobile phones monitoring news omg osmocombb pain passwords pdf personal pgp phishing privacy programming protocols pwsafe random blurb random thoughts scponly service setup sfr sftp shell sms sofware ssh tests tools tricks ubiquisys vendors web 2.0 wordpress xing xss youtube advertising announce apache bash block blogging cli driver errm feature features feed reader fglrx fix gcc gpl graphics graphs grml hardware help icecast ii images iptables lazyweb libacpi licenses maemo mpd music mutt n900 netscape networking newsbeuter nitrogen nonsense open source openbox openoffice partnership patches phone pidgin podcast release review rss scripting scripts spam specs squeeze stfl streaming stuff testing text mode text tools tip tips trackback troubleshooting wallpaper wtf xinerama zsh
Debian DSA-1571
Posted by Nico Golde in
Tuesday, May 13. 2008
A lot of people start throwing mud in the direction of Debian and especially the maintainer of openssl because of high impact security issue that was released today: DSA-1571.
Please notice that this was indeed discussed in 2006 with the openssl people before patching the package and it was an openssl.org guy who ACKed this patch after the maintainer asked for their opinion. So please stop blaming random people. Thanks!
Such things happen, so better use your time to fix your systems instead
UPDATE: people complaining about the "fact" that the "wrong" list was used to contact the openssl people, please read this
Please notice that this was indeed discussed in 2006 with the openssl people before patching the package and it was an openssl.org guy who ACKed this patch after the maintainer asked for their opinion. So please stop blaming random people. Thanks!
Such things happen, so better use your time to fix your systems instead
UPDATE: people complaining about the "fact" that the "wrong" list was used to contact the openssl people, please read this
Calendar
|
November '15 | |||||
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | ||||||
Quicksearch
Support
Recent Entries
- E-Plus GSM privacy/TMSI allocation leak
- Thursday, October 11 2012
- Exploiting the Ubiquisys/SFR femtocell webserver (wsal/shttpd/mongoose/yassl embedded webserver)
- Wednesday, August 3 2011
- So what happened recently...
- Wednesday, April 6 2011
- Sunday, February 6 2011
- exim remote vulnerability
- Thursday, December 9 2010
- Will my Phone Show An Unencrypted Connection?
- Wednesday, September 8 2010
- smpCTF 2010 quals writeups
- Sunday, August 8 2010
- protocol design fail: MMS notification
- Wednesday, July 28 2010
- acrobat reader stealing my passwords
- Tuesday, June 29 2010
- UnrealIRCd backdoored
- Saturday, June 12 2010
Syndicate This Blog
Categories
Tag cloud
23c3 acpi advertising annouce announce april argh art awards bash blogging bugs c cli code conferences config configuration data mining debconf debian dell dns documentation email errm? events exploit fail fail2ban filesharing films flame fun gcc google graphs grml gsm hacking hacks hardware heise images information installation internet irc knowledge libacpi links linux mobile phones network news newsbeuter omg open source opera passwords php power privacy programming qa random blurb rant release releases rss scripts security service setup shell sms software spam ssh stfl stuff terminal tests text mode tip tips tools troubleshooting unix user video vim.editing web web 2.0 websites wordpress wtf www youtube zsh