Re: tasks

To: debian-devel@lists.debian.org
Subject: Re: tasks
From: Michael Stone <mstone@debian.org>
Date: Fri, 14 Jan 2000 07:45:28 -0500
Message-id: <[🔎] 20000114074527.I23386@justice.loyola.edu>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.21.0001140657510.7370-100000@jyoti.braincells.com>; from Jaldhar H. Vyas on Fri, Jan 14, 2000 at 07:06:17AM -0500
References: <[🔎] 20000114063816.F23386@justice.loyola.edu> <[🔎] Pine.LNX.4.21.0001140657510.7370-100000@jyoti.braincells.com>

On Fri, Jan 14, 2000 at 07:06:17AM -0500, Jaldhar H. Vyas wrote:
> On Fri, 14 Jan 2000, Michael Stone wrote:
> > OTOH, uw imapd is a security nightmare that comes back to bite another
> > popular distribution with a new remote root exploit every six months or
> > so.
> 
> Could you back this allegation up with some facts?  A _long_ time ago
> there was a notorious root exploit which as the bane of Red Hat users
> everywhere but the Debian package was immune.  (This was back when Dwarf
> maintained it I believe.)  Since I took over the only security problem
> I've had to fix was an exploit in ipop2d.

ipop2d is the same source, same authors. Barring a formal proof of
correctness, past history and apparant attention to security is a valid
way of evaluating the package. I was a bit off on my six months
estimate, but there were security fixes released in Mar '97, Jul '98,
and Jun '99. About once a year. My alternative thus far has been pop.

-- 
Mike Stone

Reply to:

References:
- Re: tasks
  - From: Michael Stone <mstone@debian.org>
- Re: tasks
  - From: "Jaldhar H. Vyas" <jaldhar@debian.org>

Prev by Date: Re: tasks
Next by Date: Re: Translations of GPL
Previous by thread: Re: tasks
Next by thread: Re: tasks
Index(es):
- Date
- Thread