Celejar wrote: > On Mon, 8 Feb 2021 08:36:34 -0500 > Dan Ritter <d...@randomstring.org> wrote: > > > OpenWRT's security process doesn't look as terrible as it used > > to be, but it doesn't really look good right now, just trying to > > be better. > > Again, let's look at specific examples of vulnerabilities present in > both OpenWRT and Debian, and compare the projects' responses. I gave > you one timely example: OpenWRT's SA for the dnsmasq vulnerabilities > was issued about two weeks before Debian's. > > You feel that OpenWRT's security process "doesn't look good." Based on > what? Can you provide a vulnerability that affects their software that > they dropped the ball on?
No, thanks. I don't need to poke at OpenWRT any further. I already have a Debian firewall that has had good security support from Debian since 2014; I see no reason not to continue using it until the hardware fails. At that point, I will buy another relatively small fully supported Debian box, and carry on. Among other benefits, it means that all the machines at home have the same procedures and can be used as testbeds for each other. E.g. the music-playing machine in the living room is now testing out Bullseye. I can be glad that OpenWRT has improved their security practices and simultaneously not be interested in using it. -dsr-
