Re: leaks in our only-signed-software fortress

To: debian-devel@lists.debian.org
Subject: Re: leaks in our only-signed-software fortress
From: Philipp Kern <trash@philkern.de>
Date: Mon, 20 Feb 2012 09:56:33 +0000 (UTC)
Message-id: <[🔎] slrnjk466h.1o2.trash@kelgar.0x539.de>
Reply-to: phil@philkern.de
References: <[🔎] 0763775752c72b696283491568e04907@scientia.net> <[🔎] 1329704170.6199.68.camel@fermat.scientia.net>

On 2012-02-20, Christoph Anton Mitterer <calestyo@scientia.net> wrote:
> 2) Well I really feel bad now, having to point my finger at the Nagios
> Maintainers as they really do a good job, but this just shocked me:
> Bug #660585.
>
> Well as I describe in the bug, it is practically (at the moment) of no
> relevance as SSL in Nagios' NRPE is broken.
> The problem here is IMHO rather the attitude behind.

Well, the rationale is documented in #333552 (which is linked to by the
changelog).  AIUI it doesn't matter because it's just about randomizing
unused parts of the packet.

Kind regards
Philipp Kern

Reply to:

Follow-Ups:
- Re: leaks in our only-signed-software fortress
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

References:
- leaks in our only-signed-software fortress
  - From: Christoph Anton Mitterer <calestyo@scientia.net>
- Re: leaks in our only-signed-software fortress
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

Prev by Date: Re: leaks in our only-signed-software fortress
Next by Date: Bug#660619: ITP: ruby-pry -- powerfull irb alternative and runtime developer console
Previous by thread: Re: leaks in our only-signed-software fortress
Next by thread: Re: leaks in our only-signed-software fortress
Index(es):
- Date
- Thread