top | item 25447016 (no title) jtl999 | 5 years ago Documented cases don't seem to be common, but what comes to mind is the Debian "weak keys" scandal (2008), and the VLC "libeml" vulnerability (2019)[1][1]: https://old.reddit.com/r/netsec/comments/ch86o6/vlc_security... discuss order hn newest joana035|5 years ago OpenSSL upstream was almost abandoned during those days.Software are always gonna have bugs, it's written by humans after all. The important thing is to acknowledge and work towards an ideal outcome. kasabali|5 years ago Xweak keys" didn't have anything to do with backporting fixes to older versions. It was introduced into the version in sid at the time.
joana035|5 years ago OpenSSL upstream was almost abandoned during those days.Software are always gonna have bugs, it's written by humans after all. The important thing is to acknowledge and work towards an ideal outcome.
kasabali|5 years ago Xweak keys" didn't have anything to do with backporting fixes to older versions. It was introduced into the version in sid at the time.
joana035|5 years ago
Software are always gonna have bugs, it's written by humans after all. The important thing is to acknowledge and work towards an ideal outcome.
kasabali|5 years ago