[Gllug] Debian / Ubuntu SSL vulnerability
John Winters
john at sinodun.org.uk
Wed May 14 09:42:08 UTC 2008
Phil Hands wrote:
> I can tell you what we spent yesterday doing to the debian.org servers,
> and you can decide how far you want to go down the same path.
[snip long and useful explanation]
Phil - thanks for going to the trouble of documenting all that. Very useful.
> P.S. If people are tempted to indulge in finger-pointing about this,
Far from being inclined to indulge in finger-pointing I'm eternally
grateful to all the Debian people for being so professional and thorough
about all security issues. There is a great temptation for organisations
to try to hide their mistakes, and large commercial organisations all too
often succumb. Only by being brutally honest, as the Debian people have
been, can you provide genuine reliability.
Cheers,
John
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list