[124213] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: [ROS] The perils of security tools

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Thu May 22 12:17:39 2008

From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: ben@links.org, shap@eros-os.com
Cc: cryptography@metzdowd.com, open-source@csl.sri.com
In-Reply-To: <1210695016.14939.10.camel@shaptop.om-md.eros-os.com>
Date: Wed, 14 May 2008 17:29:28 +1200

"Jonathan S. Shapiro" <shap@eros-os.com> writes:

>That said, I agree that pushing the changes upstream is vital, and I further
>agree that fixing bugs you don't understand is a bad idea. Debian screwed up.

Debian seem to be particularly bad for not reporting changes to maintainers,
although other distros do it as well.  I've got a few packages that are
contained in a number of distros and I notice via occasional Google searches
for semi-related items that I'm getting hits to CVS change logs for my code
where someone is repeatedly re-applying some patch to every new version I
release.  All they'd have to do is send me email to say they've made the
change and I can apply it to the master copy, but instead they re-patch every
new release.  In addition because I have no idea where it's ending up, I can't
even send out a notification to say there's a new version out.  It's a very
strange way to "maintain" code.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post