| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed Nov 16 14:33:05 2005 From: markoer at markoer.org (Marco Ermini) Subject: Three years and ten months without a patch On 11/16/05, Barrie Dempster <barrie@...oot-robot.net> wrote: [...] > Are we forgetting slammer ? A worm that attacked a product which you > would expect to be used in a similar way. > > Backend or not, the system should be patched, being backend is not a > justifiable reason for not patching the system. [...] > Believing this would be a very narrow view of security and we > all know security is far from something to be viewed like that. [...] You are totally right. In fact I was (or better - I *tried* to be...) ironical about it... that's their philosophy: on 8.1.x you are 4 versions behind their actual off-the-shelf product - which, as we said, "never breaks" so, of course, why not upgrade?... (and pay the licensing fees) Cheers -- Marco Ermini Dubium sapientiae initium. (Descartes) root@...an # mount -t life -o ro /dev/dna /genetic/research (This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original.)
Powered by blists - more mailing lists