More details show that someone seriously fucked up in debian. [Was: Re: Debian libssl security (OpenSSH safe?)]

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: openbsd-misc <misc@...>

Subject: More details show that someone seriously fucked up in debian. [Was: Re: Debian libssl security (OpenSSH safe?)]

Date: Tuesday, May 13, 2008 - 6:48 pm

On 5/13/08 7:08 PM, Marc Espie wrote:

quoted text> More details show that someone seriously fucked up in debian.

Well, this Kurt has seriously asked for details on the relevant 
openssl-dev list:

http://marc.info/?l=openssl-dev&m=114651085826293&w=2


And see what "arrogant as usual" Ben Laurie states:

http://www.links.org/?p=327

"they should contribute their patches upstream to the package 
maintainers. Had Debian done this in this case, we (the OpenSSL Team) 
would have fallen about laughing, and once we had got our breath back, 
told them what a terrible idea this was."


Kurt has clearly done so, and I know personally of another totally 
ignored patch from our company and I have heard in the past about 
OpenBSD people trying to send patches to OpenSSL maintainers to no avail.

The OpenSSL maintainers have proven not to read their mail, they aren't 
interested in cleaning up their big mess.


Laurie also states "never fix a bug you dont understand" and this 
OpenSSL "hero" seems to forget that something that seems smart and OK 
now and here can be plain bad and ugly when looked at with some more 
distance or knowledge.

His "Adding uninitialised memory to it can do no harm and might do some 
good, which is why we do it." is pure arrogant and shortsighted shit to me.

+++chefren

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Debian libssl security (OpenSSH safe?), Juan Miscaro, (Tue May 13, 11:37 am)

Re: Debian libssl security (OpenSSH safe?), Sean Malloy, (Tue May 13, 12:14 pm)

Re: Debian libssl security (OpenSSH safe?), Gabriel Linder, (Wed May 14, 3:41 am)

Re: Debian libssl security (OpenSSH safe?), Otto Moerbeek, (Wed May 14, 7:22 am)

Re: Debian libssl security (OpenSSH safe?), Ted Unangst, (Wed May 14, 7:24 am)

Re: Debian libssl security (OpenSSH safe?), raven, (Wed May 14, 7:45 pm)

Re: Debian libssl security (OpenSSH safe?), Darrin Chandler, (Wed May 14, 8:22 pm)

Re: Debian libssl security (OpenSSH safe?), Ben Calvert, (Wed May 14, 8:30 pm)

Re: Debian libssl security (OpenSSH safe?), Ted Unangst, (Wed May 14, 10:22 pm)

Re: Debian libssl security (OpenSSH safe?), Darrin Chandler, (Wed May 14, 10:43 pm)

Re: Debian libssl security (OpenSSH safe?), Otto Moerbeek, (Thu May 15, 1:11 am)

Re: Debian libssl security (OpenSSH safe?), Dave Ewart, (Thu May 15, 5:02 am)

Re: Debian libssl security (OpenSSH safe?), Tim Post, (Thu May 15, 5:44 am)

Re: Debian libssl security (OpenSSH safe?), Darrin Chandler, (Thu May 15, 9:31 am)

Re: Debian libssl security (OpenSSH safe?), Tim Post, (Fri May 16, 2:51 am)

Re: Debian libssl security (OpenSSH safe?), Ted Unangst, (Wed May 14, 11:10 pm)

Re: Debian libssl security (OpenSSH safe?), Jussi Peltola, (Wed May 14, 8:53 pm)

Re: Debian libssl security (OpenSSH safe?), Douglas A. Tutty, (Thu May 15, 9:52 am)

Re: Debian libssl security (OpenSSH safe?), Marc Espie, (Tue May 13, 1:00 pm)

More details show that someone seriously fucked up in debian..., chefren, (Tue May 13, 6:48 pm)

Re: More details show that someone seriously fucked up in de..., Damien Miller, (Thu May 15, 2:05 pm)

Re: More details show that someone seriously fucked up in de..., Otto Moerbeek, (Wed May 14, 2:47 am)

Re: More details show that someone seriously fucked up in de..., Otto Moerbeek, (Wed May 14, 7:53 am)


linux-kernel:
Parag Warudkar	BUG: soft lockup - CPU#1 stuck for 15s! [swapper:0]
Jeremy Fitzhardinge	[PATCH 22 of 36] x86_64: split x86_64_start_kernel
Linus Torvalds	Re: Integration of SCST in the mainstream Linux kernel
Karl Meyer	PROBLEM: 2.6.23-rc "NETDEV WATCHDOG: eth0: transmit timed out"
git:
Stephan Beyer	git sequencer prototype
Ingo Molnar	[OT] Your branch is ahead of the tracked remote branch 'origin/master' by 50 commi...
Christian Couder	[PATCH] bisect: error out when given any good rev that is not an ancestor of the b...
Jon Smirl	! [rejected] master -> master (non-fast forward)
linux-activists:
Douglas Muir	Re: Linux on Macintrashes? (Was: Re: Linux on
David Willmore	Re: Intel, the Pentium and Linux
Stephen Pierce	SLS
Robert Blum	Re:help again and again
openbsd-misc:
Leonardo Rodrigues	Does anyone know a good file manager for OpenBSD?
Jason Dixon	Re: making Postfix and Courier authenticate against the same MySQL database
Rico Secada	AFS Server on OpenBSD
Lars Noodén	Call for testing - uvideo(4)


Why Windows is better than Linux	23 minutes ago	Linux general
magical mounts	1 hour ago	Linux kernel
Problem in scim in Fedora 9	2 hours ago	Linux general
The new Western Digital power saving drives	2 hours ago	Hardware
Battery Maximizer Software	22 hours ago	Linux kernel
windows folder creation surprise	23 hours ago	Windows
Firewall	1 day ago	OpenBSD
IP layer send packet	2 days ago	Linux kernel
dtrace for linux available	2 days ago	Linux kernel
Unable to mount ramdisk image using UBoot while upgrading to 2.6.15 kernel for a MPC8540 based target	2 days ago	Linux kernel

More details show that someone seriously fucked up in debian. [Was: Re: Debian libssl security (OpenSSH safe?)]

Online users