OpenSSL followup SSL_MODE_RELEASE_BUFFERS

2014-04-13 Thread Christian Kratzer
Hi, apparently openbsd has more or less silently fixed an older openssl issue that has been stuck in the openssl bug tracker: The openbsd patch: http://www.openbsd.org/errata55.html#004_openssl http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig The original

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread Lowell Gilbert
David Noel david.i.n...@gmail.com writes: My main point was that if you don't trust Subversion it makes no sense to say you trust portsnap. Portsnap pulls the ports tree from Subversion. Using Subversion! The portsnap system relies on the trust of both svnadmin and svn. Just as it does when

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread David Noel
Portsnap uses secured access for getting updates out of Subversion The portsnap open source project pulls data insecurely using the url svn://svn.freebsd.org. The server-side code of the FreeBSD portsnap system -- a closed source fork of the open source portsnap project -- happens to use

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread Dag-Erling Smørgrav
David Noel david.i.n...@gmail.com writes: The server-side code of the FreeBSD portsnap system -- a closed source fork of the open source portsnap project -- happens to use secured access for pulling data from svn. So by your definition, every single Apache server on the planet runs a closed

Re: OpenSSL followup SSL_MODE_RELEASE_BUFFERS

2014-04-13 Thread Dewayne Geraghty
On 13/04/2014 6:09 PM, Christian Kratzer wrote: Hi, apparently openbsd has more or less silently fixed an older openssl issue that has been stuck in the openssl bug tracker: The openbsd patch: http://www.openbsd.org/errata55.html#004_openssl

De Raadt + FBSD + OpenSSH + hole?

2014-04-13 Thread Todor Todorov
Hi everyone, I came across this: https://groups.google.com/forum/#!topic/mailing.openbsd.tech/xALfxxR3oKo You are welcome. Stuart Henderson wrote the draft, but he forgot that part, and Damien Miller and I realized it was needed. We sensed there might be some ambiguity... we'll take care

De Raadt + FBSD + OpenSSH + hole?

2014-04-13 Thread Mailing lists
Hi everyone, I came across this: https://groups.google.com/forum/#!topic/mailing.openbsd.tech/xALfxxR3oKo You are welcome. Stuart Henderson wrote the draft, but he forgot that part, and Damien Miller and I realized it was needed. We sensed there might be some ambiguity... we'll take care

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread David Noel
So by your definition, every single Apache server on the planet runs a closed source fork of the open source Apache project because they do not use the exact same httpd.conf? Ah, you're right. That's from build.conf. My mistake.

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread David Noel
On 4/13/14, David Noel david.i.n...@gmail.com wrote: So by your definition, every single Apache server on the planet runs a closed source fork of the open source Apache project because they do not use the exact same httpd.conf? Ah, you're right. That's from build.conf. My mistake. Though if

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread Ian Smith
On Sun, 13 Apr 2014 10:33:53 -0400, Lowell Gilbert wrote: David Noel david.i.n...@gmail.com writes: My main point was that if you don't trust Subversion it makes no sense to say you trust portsnap. Portsnap pulls the ports tree from Subversion. Using Subversion! The portsnap system

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread Xin Li
On 4/13/14, 10:04 PM, David Noel wrote: On 4/13/14, David Noel david.i.n...@gmail.com wrote: So by your definition, every single Apache server on the planet runs a closed source fork of the open source Apache project because they do not use the

Re: Retiring portsnap [was MITM attacks against portsnap and freebsd-update]

2014-04-13 Thread David Noel
Indeed it is not. David's solution - which seems to amount to removing portsnap and herding the cats at home to DTRT about using svn securely - relies on other cats being as smart and aware of the ramifications as he is - a highly questionable proposition especially for the numerous more