<https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/>
Summary: a WireGuard port to FreeBSD was sponsored by Northgate (pfSense company). The port was of poor quality and dangerously so. Nobody caught it until after pfSense was released with it, and just before FreeBSD released it. The messenger was tortured, but not shot. Bonus: the guy who ported the code was a felon / bad landlord. Lesson: open source software does not get enough quality control. Especially code that might affect security. Some Linux distros attempt QC (e.g. RedHat) but I'm sure it is inadequate. --- Post to this mailing list [email protected] Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
