Openssh 5.4 is from March 2010, per http://www.openssh.com/openbsd.html . I’m glad that the open source process worked so well to find this bug...
-
-
@benhawkes As I said in response to a similar comment, my target is not openssh per se but the general open source quality problem. -
@SteveBellovin But using the open source project with perhaps the best track record in security as your example is a bit silly, right? - 11 more replies
New conversation -
-
-
@benhawkes@DrNemski@SteveBellovin setting it to On by default was definitely on purpose - and poor form for an experimental option. -
@rnelson0@benhawkes@DrNemski And this is code that was never tested because no one ever wrote the server side. - 1 more reply
New conversation -
-
-
@benhawkes@sergeybratus@SteveBellovin You mean it had one *for* 6 years? :PThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@benhawkes@SteveBellovin it happens because you guys suckThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.