version 1.438, 2019/02/19 10:17:31 |
version 1.439, 2019/02/19 11:01:49 |
|
|
have fixed many simple and obvious careless programming errors in code |
have fixed many simple and obvious careless programming errors in code |
and only months later discovered that the problems were in fact |
and only months later discovered that the problems were in fact |
exploitable. (Or, more likely someone on |
exploitable. (Or, more likely someone on |
<a href="http://online.securityfocus.com/archive/1">BUGTRAQ</a> |
<a href="https://www.securityfocus.com/archive/1">BUGTRAQ</a> |
would report that other operating systems were vulnerable to a `newly |
would report that other operating systems were vulnerable to a `newly |
discovered problem', and then it would be discovered that OpenBSD had |
discovered problem', and then it would be discovered that OpenBSD had |
been fixed in a previous release). In other cases we have been saved |
been fixed in a previous release). In other cases we have been saved |
|
|
Our proactive auditing process has really paid off. Statements like |
Our proactive auditing process has really paid off. Statements like |
``This problem was fixed in OpenBSD about 6 months ago'' have become |
``This problem was fixed in OpenBSD about 6 months ago'' have become |
commonplace in security forums like |
commonplace in security forums like |
<a href="http://online.securityfocus.com/archive/1">BUGTRAQ</a>.<p> |
<a href="https://www.securityfocus.com/archive/1">BUGTRAQ</a>.<p> |
|
|
The most intense part of our security auditing happened immediately |
The most intense part of our security auditing happened immediately |
before the OpenBSD 2.0 release and during the 2.0->2.1 transition, |
before the OpenBSD 2.0 release and during the 2.0->2.1 transition, |