Re: Safe security

Magnus Hagander <magnus@hagander.net>

From: Magnus Hagander <magnus@hagander.net>
To: "David E. Wheeler" <david@kineticode.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Tim Bunce <Tim.Bunce@pobox.com>, Andrew Dunstan <andrew@dunslane.net>, jd <jd@commandprompt.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2010-03-08T17:55:14Z
Lists: pgsql-hackers
2010/3/8 David E. Wheeler <david@kineticode.com>:
>> Particularly if the vendor chooses to back-patch
>> Safe security fixes without bumping the visible version number, as is
>> not unlikely for Red Hat in particular.
>
> This is why I hate packaging systems. Frankly, Red Hat's Perl has been consistently broken for close to a decade, mainly because of patching practices such as this.

Goes both way - it's the main reason I hate CPAN, and I know many
sysadmins who hold just that position. (to be clear: the lack of
back-branch management on CPAN is what sucks)

But we're not arguing that. We know it's a situation out there, and we
jus thave to deal with it.


-- 
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/