Re: [Sks-devel] SKS debian package

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] SKS debian package

From:	Robert J. Hansen
Subject:	Re: [Sks-devel] SKS debian package
Date:	Sun, 29 Apr 2012 18:07:26 -0400
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120410 Thunderbird/11.0.1

On 04/29/2012 05:42 PM, Jeffrey Johnson wrote:
> If there were any BDB "security releases", you might have a point.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1436

Yes, that's actually a bug in the libc db interface, not BDB itself, but
the point still stands: this is something that would be embedded into
sks with static linkage, and something that could be trivially fixed
out-of-band with dynamic linkage.

No nontrivial piece of software -- I repeat, *no* nontrivial piece of
software -- has *ever* been released without security bugs, and it is
both unprofessional and reckless to state otherwise.  If you don't
understand this, then I think we're done here because we're not going to
agree on anything.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Sks-devel] SKS debian package, (continued)

Prev by Date: Re: [Sks-devel] SKS debian package
Next by Date: Re: [Sks-devel] SKS debian package
Previous by thread: Re: [Sks-devel] SKS debian package
Next by thread: Re: [Sks-devel] SKS debian package
Index(es):
- Date
- Thread