Re: Re: distro
By: MRO to Nightfox on Fri Dec 22 2017 01:39 am
>> As has been stated already, I'm pretty sure Linux has a review process
>> so that any random code doesn't permanently become part of Linux.
MR> heartbleed. 2 years.
You don't know what you're talking about.
1. Heartbleed was a bug in OpenSSL. OpenSSL is not "part of Linux". it is a
cryptographic library/toolkit. It is available and used on Solaris, Linux,
MacOS, QNX, the various BSD OSes, OpenVMS, Microsoft Windows and even OS/400. I
think there's an OS/2 port as well, but don't hold me to that.
2. Heartbleed was a mistake, an actual bug in a way a thing was implemented.
Not malicious code. The fix was to implement the thing a different way.
3. Heartbleed was fixed the same day the bug was publicly disclosed.
CVE-2014-0160. It was fixed by two developers that currently work at Google.
DaiTengu
... Living with a saint is more gruelling than being one.
---
■ Synchronet ■ War Ensemble BBS - The sport is war, total war - warensemble.com
|
