[CentOS] Re: [CentOS-announce] Impact of the Debian OpenSSL vulnerability
Les Mikesell
lesmikesell at gmail.com
Mon May 19 13:11:15 UTC 2008
Ralph Angenendt wrote:
>
>>> - What does our upstream think about this?
>>> - What do the OpenSSH developers think about this?
>> Someone is going to need to ask those questions of the people...
>
> I don't think the OpenSSH devels really do care about that - there is no
> discussion whatsoever on the secureshell list or on the devel list.
>
> No idea about our upstream, but I don't think so either.
Does anyone know the point of the patch in the first place? That is,
why would a distro-specific modification have been needed at all? I
don't suspect an intentional compromise here but I'm curious about why
anyone would consider a non-standard change.
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list