Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
clarry
on March 19, 2015
|
parent
|
context
|
favorite
| on:
OpenSSL Security Advisory
So 4 out of 14 needed fixing in -current, while the rest were either already fixed or not relevant to libressl. It would be interesting to know who fixed the ones that were fixed already, and when.
vog
on March 19, 2015
|
next
[–]
I guess that most of these were "fixed" by simply throwing away lots of garbage code from OpenSSL during the evolution of LibreSSL.
InclinedPlane
on March 19, 2015
|
parent
|
next
[–]
Don't undersell that man, priority zero in security is reducing the threat surface.
oskarth
on March 19, 2015
|
parent
|
prev
|
next
[–]
There are no quotation marks about it; it still counts.
vog
on March 20, 2015
|
prev
[–]
You may be interested in the experience report of Ted Unangst about fixing security issues in OpenBSD:
http://www.tedunangst.com/flak/post/making-security-sausage
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
