[ROS] The perils of security tools

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed May 14 01:29:28 EDT 2008

"Jonathan S. Shapiro" <shap at eros-os.com> writes:

>That said, I agree that pushing the changes upstream is vital, and I further
>agree that fixing bugs you don't understand is a bad idea. Debian screwed up.

Debian seem to be particularly bad for not reporting changes to maintainers,
although other distros do it as well.  I've got a few packages that are
contained in a number of distros and I notice via occasional Google searches
for semi-related items that I'm getting hits to CVS change logs for my code
where someone is repeatedly re-applying some patch to every new version I
release.  All they'd have to do is send me email to say they've made the
change and I can apply it to the master copy, but instead they re-patch every
new release.  In addition because I have no idea where it's ending up, I can't
even send out a notification to say there's a new version out.  It's a very
strange way to "maintain" code.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list