On Wed, 2004-07-07 at 16:43, seth vidal wrote:
So, would it be completely inappropriate to nominate ethereal for removal from fc3 due to its spotty history of security problems?
It seems like an excellent place to start thinking of packages that
should be maintained, in fedora extras, by the people interested in
using them, not by the central developers at red hat.
Are most of the problems in ethereal or in libpcap? libpcap seems to have a spottier record.. but that would mean a lot more packages to be removed.
Actually, ethereal itself has had many more security erratas than tcpdump/libpcap (i'd say roughly 10 times as many).
So although tcpdump and libpcap sometimes have a security errata, it's by for not as serious as ethereal.
Read ya, Phil
-- Philipp Knirsch | Tel.: +49-711-96437-470 Development | Fax.: +49-711-96437-111 Red Hat GmbH | Email: Phil Knirsch <phil@xxxxxxxxx> Hauptstaetterstr. 58 | Web: http://www.redhat.de/ D-70178 Stuttgart Motd: You're only jealous cos the little penguins are talking to me.
