Re: Debian libssl security (Cause???)

view
thread

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: mcb, inc. <mcbinc@...>

To: <misc@...>

Subject: Re: Debian libssl security (Cause???)

Date: Friday, May 16, 2008 - 3:06 pm

On Fri, 16 May 2008, Travers Buda wrote:

quoted text> They probably have figured it out.  This is a pretty big screw-up--it
> was in the tree since September 2006.  You don't do something this
> bad and not learn from it =).

And now the social engineering fallout from it as well with all
the 'new SSL certificate'-style phishing that was in place before
this event...

--
Monty Brandenberg, Software Engineer                               MCB, Inc.
mcbinc@panix.com                                             P.O. Box 426188
mcbinc@pobox.com                                   Cambridge, MA  02142-0021
617.864.6907

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Debian libssl security (Cause???), Ross Cameron, (Fri May 16, 7:31 am)

Re: Debian libssl security (Cause???), Otto Moerbeek, (Fri May 16, 7:41 am)

Re: Debian libssl security (Cause???), Ross Cameron, (Fri May 16, 8:30 am)

Re: Debian libssl security (Cause???), Ted Unangst, (Fri May 16, 4:02 pm)

Re: Debian libssl security (Cause???), Otto Moerbeek, (Sat May 17, 2:36 am)

Re: Debian libssl security (Cause???), Tim Post, (Sat May 17, 3:12 am)

Re: Debian libssl security (Cause???), Travers Buda, (Fri May 16, 2:33 pm)

Re: Debian libssl security (Cause???), mcb, inc., (Fri May 16, 3:06 pm)

Navigation

Mail archive search

Popular discussions


linux-kernel:
Ingo Molnar	Re: [Announce] [patch] Modular Scheduler Core and Completely Fair Scheduler [CFS]
Greg Kroah-Hartman	[PATCH 014/196] kobject: remove incorrect comment in kobject_rename
Linus Torvalds	Linux 2.6.27-rc8
Tony Lindgren	[PATCH 32/90] ARM: OMAP: Basic support for siemens sx1
git:
Andy Parkins	svn:externals using git submodules
Peter Stahlir	Git as a filesystem
Jakub Narebski	Re: VCS comparison table
Linus Torvalds	Re: [kernel.org users] [RFD] On deprecating "git-foo" for builtins
openbsd-misc:
GVG GVG	ssh_exchange_identification: Connection closed by remote host
Richard Stallman	Real men don't attack straw men
Alexey Suslikov	OT: OpenBSD on Asus eeePC
Marcos Laufer	dmesg IBM x3650 OpenBSD 4.3
linux-netdev:
David Miller	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Jozsef Kadlecsik	Re: TCP connection stalls under 2.6.24.7
Jarek Poplawski	[PATCH take2][NET] ifb: set separate lockdep classes for queue locks
Stephen Hemminger	[RFC] TCP illinois max rtt aging

Latest forum posts


high memory	1 day ago	Linux kernel
semaphore access speed	1 day ago	Applications and Utilities
the kernel how to power off the machine	1 day ago	Linux kernel
Easter Eggs in windows XP	1 day ago	Windows
Shared swap partition	1 day ago	Linux general
Root password	1 day ago	Linux general
Where/when DNOTIFY is used?	1 day ago	Linux kernel
How to convert Linux Kernel built-in module into a loadable module	1 day ago	Linux kernel
Linux 2.6.24 and I/O schedulers	1 day ago	Linux kernel
USB Driver -- Interrupt Polling -- A Little Help Please	1 day ago	Linux general

Show all forums...

Recent Tags

-rc8 bugs 2.6.27 -rc Intel Linux quote Linus Torvalds 2.6.27-rc8

more tags

Colocation donated by:

Online users

Syndicate