RedHat forks OpenSSH?
Damien Miller
djm at mindrot.org
Tue Nov 9 01:44:04 UTC 2004
Jos Vos wrote:
> On Tue, Nov 09, 2004 at 07:23:44AM +1100, Damien Miller wrote:
>
>
>>Nobody disputes Redhat's right to fork OpenSSH, but why does
>>Redhat not make their desired changes through the standard RPM
>>patching mechanism? By distributing their own OpenSSH tarballs
>>instead of patching pristine sources, Redhat breaks the link of
>>transparency, accountability and trust that their own RPM build
>>model is supposed to provide.
>
> They do the same for "xmms", for example, to eliminate MP3 support
> *and also not ship MP3 source code*, due to possible legal issues.
Then they should also chop RC4 out of OpenSSL, OpenSSH and anything else
that implements it because its legal status is near identical.
-d
More information about the fedora-devel-list
mailing list