in reply to Re^9: 5.18.0 is available NOW!
in thread 5.18.0 is available NOW!
This process is called "responsible disclosure".
That can lead to "a feeling of false security."
The patches mitigating CVE-2013-1667 are all public.
The patches are public; but whether they actually address the perceived problem -- nor even if the perceived problem is actually a problem -- cannot be determined without knowing what the problem is.
The only code which is not public is the code which demonstrates a key-discovery attack on perls old hash function,
Easily reproduced with a 20 line script. It is running now:
<Reveal this spoiler or all in this thread>
You do not know what you are talking about
Actually, I do. As you will find out.
With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^11: 5.18.0 is available NOW!
by demerphq (Chancellor) on May 22, 2013 at 10:57 UTC | |
by BrowserUk (Patriarch) on May 22, 2013 at 11:21 UTC | |
by demerphq (Chancellor) on May 22, 2013 at 11:44 UTC | |
by BrowserUk (Patriarch) on May 22, 2013 at 12:28 UTC | |
by demerphq (Chancellor) on May 22, 2013 at 13:07 UTC | |
|
In Section
Perl News