On 2015-01-12, Valeri Galtsev galtsev@kicp.uchicago.edu wrote:
PS I guess I just mention it. I'm quite happy about CentOS (or RedHat if I look back). One day I realized how happy I am that I chose RedHat way back, - that was when all Debian (and its clones like Ubuntu,...) admins were fighting with the consequences of this: http://www.debian.org/security/2008/dsa-1571 . If I had Debian machine I would not only regenerate all key pairs, certs, etc. I would question sanity of that box then, and will not be certain what confidential stuff could have been stolen from it... I realized then that that level big flop never happened to RedHat. I couldn't even point to something that would constitute big flop RedHat of then. One only criticizes something while one cares about it ;-)
Heartbleed was pretty scary, no? I'd consider that at least as bad as the predictable number generator issue.
--keith