[Media] 8.04 Servers - Wikipedia

Mario Vukelic mario.vukelic at dantian.org
Mon Oct 13 11:42:47 UTC 2008


On Mon, 2008-10-13 at 21:19 +1000, Res wrote:
> distros that do not hack the shit out of 
> packages tend to not have updates every week,

Puleeze. For your benefit I did a quick review of the announcements
related to 8.04 on ubuntu-security since Sept 1. In chronological order:

libxml2: DoS by bug in upstream
racoon: DoS by bug in upstream
postfix: local DoS by bug in upstream
freetype: code execution or DoS by bug in upstream
libxml2: code execution by bug in upstream
rdesktop: code execution or DoS by bug in upstream
firefox, xulrunner: several vulnerabilities by bugs in upstream
thunderbird: several vulnerabilities by bugs in upstream
nasm: code execution by bug in upstream
ruby: several vulnerabilities by bugs in upstream

How would this not happen if a distro does not apply changes to upstream
code? You might argue that distro-specific changes can only add even
more issues on top of these, but doing so would change your original
argument.


>  and please please please do 
> not rant off your little tiny pathetic chest 

Do you communicate in the same offending way in your supposed management
position?

> about debian (ubuntu) make
> changes for the good of all, only have to look at the recent SSL bullshit 
> that debian caused thinking they know best to know why. if you don't F with 
> it, then chances are it won't break,

A rational position would be to weigh the pros and cons of
distro-specific changes overall, not to go ballistic over an isolated
issue. "If you don't F with it, then chances are it won't" integrate well,
either.




