tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: OpenSSH/OpenSSL patches to stop excessive entropy consumption



mrg@ wrote:

> > > And, by the way, what "large changes"?  The patch is 6 kilobytes as a
> > > unidiff.
> > 
> > I'm afraid maintaining 6KB diffs in src/external tree
> > would be annoying in future imports.
> 
> we have way more changes to openssh and/or openssl than this already
> in tree.  i think this case is definately worth it, considering the
> severity of the problem.

I have no further comment if maintainers (responsible in doc/3RDPARTY)
don't mind merge and conflicts, but I'm afraid divergence makes
urgent security fixes difficult.

---
Izumi Tsutsui


Home | Main Index | Thread Index | Old Index