[Freedombox-discuss] secure UUIDs

Tim Retout diocles at debian.org
Mon Jul 22 10:30:57 UTC 2013

On 22 Jul 2013 10:48, "Jonas Smedegaard" <dr at jones.dk> wrote:
> Arrgh...!
> You just educated me to inspect bugtrackers more closely: Perhaps if
> you'd not closed the Debian bug but left open and tagged as wontfix,
> then I'd noticed it when making a move now

Indeed, in hindsight that would have been better.  :( Apologies.

What really annoys me about this is that other distros do use the real
Data::UUID, but I struggled to get a CVE filed - how on earth does one go
about it?

The multi-user issue isn't even described in a bug tracker, now that I look
at it. There's some sort of UUID_STATE file that can't be overwritten, so I
guess the UUIDs become less unique.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130722/666d9950/attachment.html>

More information about the Freedombox-discuss mailing list