| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200405161722.i4GHLr8g012172@smtp.washington.edu> From: zbd at u.washington.edu (Brian P. Donohue) Subject: RE: Full-Disclosure digest, Vol 1 #1651 - 1 msg Interesting. I keep hearing this without specifics. I find this kind of problem to be very rare in our production environment (10,000 devices), and limited to poorly written apps. I work in a medical environment, where there's no lack of poorly written apps, and even amongst that population, problems caused by patches are rare. I suppose that this is in part due to our habit of testing prior to deployment. Of course, a system that's grossly misconfigured, or rotten with malware, will often have problems trying to install just about anything. Microsoft has many problems, but in my view they pretty much solved the problem of breaking things with patches a long time ago - post Winnt 4 SP3 has been pretty dependable. I have plenty of gripes about MS, but this one has gone stale. -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of full-disclosure-request@...ts.netsys.com Sent: Sunday, May 16, 2004 09:00 To: full-disclosure@...ts.netsys.com Subject: Full-Disclosure digest, Vol 1 #1651 - 1 msg Send Full-Disclosure mailing list submissions to full-disclosure@...ts.netsys.com To subscribe or unsubscribe via the World Wide Web, visit http://lists.netsys.com/mailman/listinfo/full-disclosure or, via email, send a message with subject or body 'help' to full-disclosure-request@...ts.netsys.com You can reach the person managing the list at full-disclosure-admin@...ts.netsys.com When replying, please edit your Subject line so it is more specific than "Re: Contents of Full-Disclosure digest..." Today's Topics: 1. RE: Support the Sasser-author fund started (Paul Schmehl) --__--__-- Message: 1 Date: Sun, 16 May 2004 10:55:55 -0500 From: Paul Schmehl <pauls@...allas.edu> Reply-To: Paul Schmehl <pauls@...allas.edu> To: full-disclosure <full-disclosure@...ts.netsys.com> Subject: RE: [Full-Disclosure] Support the Sasser-author fund started --On Friday, May 14, 2004 11:06 PM +0530 "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh@...ine.gateway.technolabs.net> wrote: > > the problem is many times when the patch is released it tends to break > many applications and other random stuff! ms is patching a hole but > manages to break other things in the process quite frequently. > Let's see....this would seem to indicate that they depend on the holes to run the applications. :-) Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu --__--__-- _______________________________________________ Full-Disclosure mailing list Full-Disclosure@...ts.netsys.com http://lists.netsys.com/mailman/listinfo/full-disclosure End of Full-Disclosure Digest
Powered by blists - more mailing lists