User: Password:
|
|
Subscribe / Log in / New account

Ubuntu, security response, and community contributions

Ubuntu, security response, and community contributions

Posted Jul 18, 2008 20:05 UTC (Fri) by nlucas (subscriber, #33793)
In reply to: Ubuntu, security response, and community contributions by bronson
Parent article: Ubuntu, security response, and community contributions

    Funny, I was just checking some SSL certs this morning hoping they weren't generated on an Ubuntu machine.

While I also don't think Ubuntu QA is notorious for it's track record you are actually mentioning the case they did everything right, from finding the bug to upstream fixing it (it was a Debian bug, not Ubuntu).


(Log in to post comments)

Ubuntu, security response, and community contributions

Posted Jul 19, 2008 21:17 UTC (Sat) by ceplm (subscriber, #41334) [Link]

Security doesn't mean just patching fast, but also checking whether the patches make sense.
Which apparently the one from Debian for OpenSSL didn't, but the distribution with better
security record just didn't bother to take a look at patches for OpenSSL.

Ubuntu, security response, and community contributions

Posted Jul 21, 2008 10:37 UTC (Mon) by nlucas (subscriber, #33793) [Link]

What you are asking may be nice words, but if any derived distro did that it would be more
work than starting one from scratch.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds