Quoting Tim Retout (2013-07-22 12:30:57) > On 22 Jul 2013 10:48, "Jonas Smedegaard" <[1][email protected]> wrote: >> Arrgh...! >> >> You just educated me to inspect bugtrackers more closely: Perhaps if >> you'd not closed the Debian bug but left open and tagged as wontfix, >> then I'd noticed it when making a move now > > Indeed, in hindsight that would have been better. :( Apologies. > > What really annoys me about this is that other distros do use the real > Data::UUID, but I struggled to get a CVE filed - how on earth does one > go about it?
Which ones? Looking for possible patches by others, I checked Fedora but they also use OSSP::uuid, apparently. > The multi-user issue isn't even described in a bug tracker, now that I > look at it. There's some sort of UUID_STATE file that can't be > overwritten, so I guess the UUIDs become less unique. perhaps the "state" is not user-specific but system-specific info? Purely guessing here: Could be that md5 hash of system name and ip... Should we perhaps move this discussion somewhere else? How about discussing at [email protected] with subject line prefixed with "Re: [rt.cpan.org #69277] " ;-) - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
