in reply to Re^9: 5.18.0 is available NOW!
in thread 5.18.0 is available NOW!
This process is called "responsible disclosure".
That can lead to "a feeling of false security."
The patches mitigating CVE-2013-1667 are all public.
The patches are public; but whether they actually address the perceived problem -- nor even if the perceived problem is actually a problem -- cannot be determined without knowing what the problem is.
The only code which is not public is the code which demonstrates a key-discovery attack on perls old hash function,
Easily reproduced with a 20 line script. It is running now:
<Reveal this spoiler or all in this thread>
You do not know what you are talking about
Actually, I do. As you will find out.
With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.
In Section
Perl News