Y
Hacker News
new
|
ask
|
show
|
jobs
by
icedchai
2294 days ago
Sometimes it's better to trust the developers, not the packagers. Example is the Debian SSH vulnerability from 2008:
https://www.debian.org/security/2008/dsa-1576
This was a bug introduced in packaging. See
https://lwn.net/Articles/281436/
for more details.