Subj : Re: distro
To   : MRO
From : DaiTengu
Date : Fri Dec 22 2017 11:06 pm

 Re: Re: distro
 By: MRO to Nightfox on Fri Dec 22 2017 01:39 am

>> As has been stated already, I'm pretty sure Linux has a review process
>> so that any random code doesn't permanently become part of Linux.

MR> heartbleed. 2 years.

You don't know what you're talking about.

1. Heartbleed was a bug in OpenSSL.  OpenSSL is not "part of Linux". it is a
cryptographic library/toolkit. It is available and used on Solaris, Linux,
MacOS, QNX, the various BSD OSes, OpenVMS, Microsoft Windows and even OS/400. I
think there's an OS/2 port as well, but don't hold me to that.

2. Heartbleed was a mistake, an actual bug in a way a thing was implemented.
Not malicious code. The fix was to implement the thing a different way.

3. Heartbleed was fixed the same day the bug was publicly disclosed.
CVE-2014-0160. It was fixed by two developers that currently work at Google.

DaiTengu

... Living with a saint is more gruelling than being one.

---
� Synchronet � War Ensemble BBS - The sport is war, total war - warensemble.com

You are viewing proxied material from bbs.kd3.us. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.