![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Dammit
Today has been a complete waste of a day.
For those of you not in the know, there's been a security announcement about openssh - or at least, there is apparantly a root hole that will be announced at some point in the near future, and we all have to upgrade to 3.3 and use privsep. Except that 3.3 is poorly tested, and doesn't play well with linux (some patches now available, but not for all the bugs). So for much of the day, I've been arguing on #debian-devel, on various mailing lists, and being bombarded with comments, questions, and bug reports about the "security fix" release that someone else made. Theo de Raadt keeps going on about how this is the perfect security process, but won't tell me that the f***ing bug is! I am exceedingly annoyed; this has however got me off my butt to start on obscurity...
For those of you not in the know, there's been a security announcement about openssh - or at least, there is apparantly a root hole that will be announced at some point in the near future, and we all have to upgrade to 3.3 and use privsep. Except that 3.3 is poorly tested, and doesn't play well with linux (some patches now available, but not for all the bugs). So for much of the day, I've been arguing on #debian-devel, on various mailing lists, and being bombarded with comments, questions, and bug reports about the "security fix" release that someone else made. Theo de Raadt keeps going on about how this is the perfect security process, but won't tell me that the f***ing bug is! I am exceedingly annoyed; this has however got me off my butt to start on obscurity...
no subject