| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Mar 2024 13:49:44 +0300 From: Denis Kirjanov <dkirjanov@...e.de> To: Paolo Abeni <pabeni@...hat.com>, Lynne <dev@...ne.ee>, Netdev <netdev@...r.kernel.org> Cc: Kuniyu <kuniyu@...zon.com>, Willemdebruijn Kernel <willemdebruijn.kernel@...il.com> Subject: Re: Regarding UDP-Lite deprecation and removal On 3/18/24 13:36, Paolo Abeni wrote: > On Sun, 2024-03-17 at 01:34 +0100, Lynne wrote: >> UDP-Lite was scheduled to be removed in 2025 in commit >> be28c14ac8bbe1ff due to a lack of real-world users, and >> a long-outstanding security bug being left undiscovered. >> >> I would like to open a discussion to perhaps either avoid this, >> or delay it, conditionally. > > I'm not very familiar to the deprecation process, but I guess this kind > of feedback is the sort of thing that could achieve delaying or avoid > the deprecation. > > What will help more IMHO is someone stepping in to actually maintain > the protocol. It should not be an high load activity, but a few things > would be required: e.g. writing self-tests and ensuring that 3rd party > changes would not break it. And reviewing patches - but given the > protocol history that would probably be once in a lifetime. That's sounds good enough to try > > Cheers, > > Paolo > >
Powered by blists - more mailing lists