OpenSSL Security Vulnerability
SiliconEntity writes "On the heels of multiple OpenSSH vulnerabilities,
the OpenSSL project is now reporting a number of security vulnerabilities of its own. OpenSSL is a standard cryptographic library used in a wide variety of security applications. The new vulnerabilities range from denial-of-service attacks to stack corruption, which imply the possibility of running malicious code. New versions of the software are released today which address the vulnerabilities."
Let's get the Microsoft flamefest started!
All software has bugs. But if you are specifically making a software package that purports to be secure, it behooves you to make sure not to release until you are ready. Looks like there were "a number" of vulnerabilities. Perhaps they should have waited?
open source sux
Not to mention that this same company probably has the same bug because they swiped the OPENSSL code. .dn
No more Micro$oft bashing from me. Its like bashing at the special olympics.
stop this java crap!! .NET!!
use a REAL language like
You fucking cretinous prick. Theo has nothing to do with OpenSSL.
Go back to your basement, kid.
You forgot the:
$connect = "user=fuckwit";
Either that or they're doing a heck of a lot of auditing lately. Hopefully they'll find a bunch at once, and be done with it for a while.
But unfortunately from what I've seen from OpenSSH, it appears that we may have another sendmail/wu-ftp/bind type program in terms of security. That is not a good thing, since many services are being changed to use ssh/ssl for transport, leaving us with a single point of (in)security.
This is sure embarassing for the OpenBSD team though. Their code is right now some of the worst in BSD land for security (although in fairness, it is mostly portable ssh that has problems. On OpenBSD, OpenSSH has much cleaner code and is much more secure).
Listen here you stick-legged mulefaced fucknugget, seeing societal rejects like you make fun of Microsoft on some lame internet forum really brightens my day.
Also I'm really drunk and the last thing I care about at this point is entertaining you internet jackass geeks.
Name a single example.
Microsoft puts out patches immediately once a vulnerability is announced.
"Sufferin' succotash."