[Freedombox-discuss] secure UUIDs
Tim Retout
diocles at debian.org
Mon Jul 22 10:30:57 UTC 2013
On 22 Jul 2013 10:48, "Jonas Smedegaard" <dr at jones.dk> wrote:
> Arrgh...!
>
> You just educated me to inspect bugtrackers more closely: Perhaps if
> you'd not closed the Debian bug but left open and tagged as wontfix,
> then I'd noticed it when making a move now
Indeed, in hindsight that would have been better. :( Apologies.
What really annoys me about this is that other distros do use the real
Data::UUID, but I struggled to get a CVE filed - how on earth does one go
about it?
The multi-user issue isn't even described in a bug tracker, now that I look
at it. There's some sort of UUID_STATE file that can't be overwritten, so I
guess the UUIDs become less unique.
Tim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130722/666d9950/attachment.html>
More information about the Freedombox-discuss
mailing list