gnutls - how will future security fixes be handled

asked 2014-03-05 23:05:10 +0200

cy8aer
9385 ●205 ●263 ●262

updated 2014-03-19 14:30:36 +0200

eric

12967 ●88 ●133 ●123

https://twitter.com/erkki...

Just a question for the actual goto fail of gnutls: How will such security issues be handled in future? Will gnutls be patched in the 1.0.41.x?

answered 2014-03-05 23:45:05 +0200

tigeli

9543 ●111 ●112 ●130

admin

The gnutls (and any other sec. vuln.) will be patched/fixed as soon as possible.

edit flag offensive delete publish link

Comments

As soon as quick fix or a need to wait upcoming update?

ZogG ( 2014-03-06 00:33:12 +0200 )edit

"As soon as possible", does this mean with an urgent, out of cycle update?

bart ( 2014-03-06 04:07:13 +0200 )edit

@bart - I don't know the release process in Jolla but... it would be feasable, after all, SailfishOS can work as most desktop distribution in this regard: publish the rpm on the repository, and the package can be upgraded on its own, without "bumping" any global version.Actually, unless you need to update major parts of the system, it would be the best way to handle upgrades...

mikelima ( 2014-03-06 10:34:05 +0200 )edit

I am not shure but some Jolla people said that they only want to bump and not to upgrade single packages, didn't they? (where was this interview, w00t on tmo... ??)

cy8aer ( 2014-03-06 12:16:25 +0200 )edit

They can want things, but I expect at least a secure device. Some issues warrant a hotfix, such as this GnuTLS (my desktop had the update before the problem became public).

Fuzzillogic ( 2014-03-06 19:31:02 +0200 )edit

gnutls - how will future security fixes be handled

1 Answer

Comments

Question tools

Stats

Related questions

gnutls - how will future security fixes be handled

1 Answer

Comments

Question tools

Public thread

Stats

Related questions