Bruno Wolff III wrote:
On Sat, Apr 26, 2014 at 22:19:47 +0200,
Frantisek Hanzlik fra...@hanzlici.cz wrote:
I'm not SSL/TLS guru and I'm not in-deep study heartbeat OpenSSL bug
(mainly because I consider Fedora 15+ as too problematic and stay at
F14 with eventual migration to CentOS 6 on my
Joe Zeff wrote:
On 04/26/2014 04:35 PM, Bruno Wolff III wrote:
Depending on what you don't like about current Fedoras, you might try
out the XFCE or Mate desktops. They provide an experience similar to
Gnome 2. If you have an old graphics card, you will want to use kdm or
lxdm instead of
On 26 April 2014 03:38, Tim ignored_mail...@yahoo.com.au wrote:
On Wed, 2014-04-23 at 23:26 -0400, Rahul Sundaram wrote:
millions and millions of affected users who had to go ahead and change
passwords for many many things they rely on
One thing I haven't seen mentioned, here nor elsewhere,
Ian Malone wrote:
On 26 April 2014 03:38, Tim ignored_mail...@yahoo.com.au wrote:
On Wed, 2014-04-23 at 23:26 -0400, Rahul Sundaram wrote:
millions and millions of affected users who had to go ahead and change
passwords for many many things they rely on
One thing I haven't seen mentioned,
On 4/26/2014 1:19 PM, Frantisek Hanzlik wrote:
I consider Fedora 15+ as too problematic and stay at
F14
yup...fedora version 19 or 20 bugs are far worse than a computer
security breach.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
On Sat, Apr 26, 2014 at 22:19:47 +0200,
Frantisek Hanzlik fra...@hanzlici.cz wrote:
I'm not SSL/TLS guru and I'm not in-deep study heartbeat OpenSSL bug
(mainly because I consider Fedora 15+ as too problematic and stay at
F14 with eventual migration to CentOS 6 on my servers, thus they aren't
On 04/26/2014 04:35 PM, Bruno Wolff III wrote:
Depending on what you don't like about current Fedoras, you might try
out the XFCE or Mate desktops. They provide an experience similar to
Gnome 2. If you have an old graphics card, you will want to use kdm or
lxdm instead of gdm.
If you pick
On Wed, 2014-04-23 at 23:26 -0400, Rahul Sundaram wrote:
millions and millions of affected users who had to go ahead and change
passwords for many many things they rely on
One thing I haven't seen mentioned, here nor elsewhere, was whether the
bug could only affect you if they tried to hack the
Hi
On Sat, Apr 19, 2014 at 11:32 AM, Jerry Feldman wrote:
The cost of a managed language is that it affects performance.
Not necessarily but even in that case, it might have better to trade off
some speed for better security in such cases. We are talking about
millions and millions of
On 04/09/2014 01:43 PM, Dave Stevens wrote:
Quoting Tim ignored_mail...@yahoo.com.au:
Allegedly, on or about 08 April 2014, Jonathan Ryshpan sent:
It's an interesting question why Net infrastructure code continues to
be written in C, a language that provides no automatic checks for
buffer
On 04/09/2014 10:35 AM, j.witvl...@mindef.nl wrote:
-Original Message-
From: users-boun...@lists.fedoraproject.org
[mailto:users-boun...@lists.fedoraproject.org] On Behalf Of g
Sent: woensdag 9 april 2014 9:19
To: users@lists.fedoraproject.org
Subject: Re: Coding Practice [was Re
On 9 April 2014 18:05, Liam Proven lpro...@gmail.com wrote:
On 9 April 2014 17:19, Tim ignored_mail...@yahoo.com.au wrote:
Only the other day I was thinking similarly: That almost every exploit
that I read about, over the last umpteen years, was a buffer overflow;
and why is it so? Are
Hi
On Thu, Apr 10, 2014 at 3:19 AM, Ian Malone wrote:
.
This bug was pretty bad, but the kind of mistakes that lead to
overflows and over-reads tend to be from not keeping track of the data
properly and will cause other problems anyway, memory protection
doesn't help with those.
In a
On 04/09/14 11:35, Jonathan Ryshpan wrote:
It's an interesting question why Net infrastructure code
continues to be written in C, a language that provides no
automatic checks for buffer overflow, which (if I understand
right) is the opening for this security breach, along with so
many
On 9 April 2014 06:35, Jonathan Ryshpan jonr...@pacbell.net wrote:
On Tue, 2014-04-08 at 10:55 +0100, Patrick O'Callaghan wrote:
https://www.openssl.org/news/secadv_20140407.txt
See also http://heartbleed.com/ and
On Tue, Apr 08, 2014 at 10:35:24PM -0700, Jonathan Ryshpan wrote:
On Tue, 2014-04-08 at 10:55 +0100, Patrick O'Callaghan wrote:
https://www.openssl.org/news/secadv_20140407.txt
See also http://heartbleed.com/ and
-Original Message-
From: users-boun...@lists.fedoraproject.org
[mailto:users-boun...@lists.fedoraproject.org] On Behalf Of g
Sent: woensdag 9 april 2014 9:19
To: users@lists.fedoraproject.org
Subject: Re: Coding Practice [was Re: Serious OpenSSL vulnerability]
On 04/09/14 11:35
On Wed, 2014-04-09 at 16:35 +0200, j.witvl...@mindef.nl wrote:
And whatever language you use, people can still create unreadable
spaghetti-code ;-)
There is not now, nor has there ever been, nor will there ever be, any
programming language in which it is the least bit difficult to write bad
Allegedly, on or about 08 April 2014, Jonathan Ryshpan sent:
It's an interesting question why Net infrastructure code continues to
be written in C, a language that provides no automatic checks for
buffer overflow, which (if I understand right) is the opening for this
security breach, along
On 9 April 2014 17:19, Tim ignored_mail...@yahoo.com.au wrote:
Only the other day I was thinking similarly: That almost every exploit
that I read about, over the last umpteen years, was a buffer overflow;
and why is it so? Are programmers such morons that they accept all data
without care,
On 9 April 2014 18:05, Liam Proven lpro...@gmail.com wrote:
I was just ranting about this /right before/ the Heartbleed thing became
public:
But Gmail didn't want me to paste the link, which is:
http://liam-on-linux.livejournal.com/42285.html
--
Liam Proven * Profile:
On 04/09/2014 06:19 PM, Tim wrote:
Allegedly, on or about 08 April 2014, Jonathan Ryshpan sent:
It's an interesting question why Net infrastructure code continues to
be written in C, a language that provides no automatic checks for
buffer overflow, which (if I understand right) is the opening
Quoting Tim ignored_mail...@yahoo.com.au:
Allegedly, on or about 08 April 2014, Jonathan Ryshpan sent:
It's an interesting question why Net infrastructure code continues to
be written in C, a language that provides no automatic checks for
buffer overflow, which (if I understand right) is the
On Tue, 2014-04-08 at 10:55 +0100, Patrick O'Callaghan wrote:
https://www.openssl.org/news/secadv_20140407.txt
See also http://heartbleed.com/ and
http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/
This is potentially very
24 matches
Mail list logo