brk bug and debian

miah jjohnson at sunrise-linux.com
Wed Dec 3 14:08:40 EST 2003


I think its good that they care enough about security that they're trying to clean everything up.  But it sure is taking longer than it should, and its causing security releases to take forever to get out, which is hurting the end users.

-miah

On Wed, Dec 03, 2003 at 02:05:39PM -0500, Mike Small wrote:
> You don't think that's a good idea after a compromise?
> Here's a complete report of the break in and their recovery.
> 
> http://lists.debian.org/debian-announce/debian-announce-2003/msg00003.html
> 
> It more or less satisfied me enought that I'll stay 
> with debian.  Tried gentoo once.  I didn't think it 
> really had much to add over using some combination of 
> debian unstable, experimental and/or source packages.  
> They don't seem to have nearly as many maintainers yet.  
> On the other hand, emerge seems more straight forward 
> for a user to mess with himself if a package isn't being 
> kept up.  At least it did when I looked at it, they seemed to 
> be adding features and releasing new versions of
> portage at break neck speed, so one day maybe
> their packages will be as obscure to me as .deb 
> packages.
> 
> On Wed, Dec 03, 2003 at 01:27:01PM -0500, Bob Keyes wrote:
> > 
> > 
> > On Wed, 3 Dec 2003, miah wrote:
> > 
> > > Debian got owned by the brk bug, had most of their servers owned... While they 'fix' things all maintainers are locked out.   Its been all over every news site for the last 2 weeks.
> > 
> > While I know they were hacked, I didn't know mnters were still locked out.
> > This strikes me as remarkably stupid. Time to switch to gentoo, maybe .
> > 
> > _______________________________________________
> > Discuss mailing list
> > Discuss at blu.org
> > http://www.blu.org/mailman/listinfo/discuss
> 
> -- 
> Mike Small
> smallm at panix.com
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://www.blu.org/mailman/listinfo/discuss



More information about the Discuss mailing list