* Aviv Raff: > On Mon, 12 Jul 2004 20:34:44 +0200, Florian Weimer <[EMAIL PROTECTED]> wrote: >> * Aviv Raff: >> >> > Security patches shouldn't be overridden unless intended too (i.e >> > uninstalled). >> >> This is not standard industry practice. Especially if a patch might >> break previously working configuration, I completely agree that it's >> correct. > > That's why there should be a way to uninstall the patch, as I wrote.
This requires that you have individual patches for each vulnerability, something that is often practically impossible (because of combinatoric explosion) and is a support nightmare if it is possible. Those vendors supplying source code are far better off in this area. You simply pick the parts you like and recompile your own version. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
