Silent fixes w.r.t open source software
Posted Nov 16, 2006 10:36 UTC (Thu) by dps
Parent article: November: the month of kernel bugs
I think "silent fixes" to open source software are usually patches that add features or otherwise change non-security related things and also fix one or more security bugs. What makes the fix silent is that any notes accompanying the patches fail to mention the security fixes.
The code is generally obscure enough not to require any more obfuscation than just burying the security fixes in a pile of other changes.