I think it will be ok to avoid using CFinder.
It was originally used as an alternative algorithm to find embedded
code relationships. However, it has a much higher false positive rate
(it detects false relationships when it shouldn't). I was originally
considering not using this part of the system
-Mensaje original-
From: Nico Golde
Sent: Tuesday, February 21, 2012 7:54 PM
To: debian-security-annou...@lists.debian.org
Subject: [SECURITY] [DSA 2414-1] fex security update
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
On Tue, 2012-02-21 at 19:04 +1100, Silvio Cesare wrote:
> Hi. I think I'll be able to spend March working on it. I will rewrite
> parts of and clean up the code and get it ready for packaging.
Great!
> The system uses a closed source tool called CFinder
> (http://www.cfinder.org/) to perform cli
On lun., 2012-02-20 at 19:50 -0200, Henrique de Moraes Holschuh wrote:
> [1] or anything else that properly secures DNS sessions
Note that you can have integrity protection / authentication using TSIG
(though key distribution is still an issue).
--
Yves-Alexis
signature.asc
Description: This is
Hi. I think I'll be able to spend March working on it. I will rewrite
parts of and clean up the code and get it ready for packaging.
At this point, providing nothing else comes up I think a rough timeline is
March - Refine code so it runs nicely in a Debian environment for
Debian as Debian wants
5 matches
Mail list logo
