lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: dufresne at (Ron DuFresne)
Subject: The new Microsoft math:  1 patch for 14 vul
 nerabilities, MS04-011


> This merely begs the question, why do they not then release the patches as
> both?  A single "patch'em all" one for single users and those who can afford
> to implement patches this way, and a broken out set of the patch that can be
> more thoroughly tested in larger scale environments where the big patch
> solution doesn't work.

a major contributing factor is dependencies, and as others pointed out we
are seeing more and more of that in the linux desktop realm as well, and
even in the other major unix vendor realms too.  you can't often fix one
little .exe or .com file iin an env whence the browser acts as the kernel
which acts as then shell which acts as an individual applicaton that
replaces 20 applications once produced by various vendors now bought out
and sucked into the core OS...but, redhat already is the 'windows' of the
linux world and suse is not far behind if it remains so now.


Ron DuFresne
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Powered by blists - more mailing lists