Brandon’s Blog

Why oh why did openssl097 get uploaded UNPATCHED when there were known security issues with this version, with the fix even linked to in the bug?

This software was removed from Gutsy for a reason, if its going to be added back it should ATLEASTE be patched, as it stands right now anyone who installs vmware-server via Canonical’s Partner Repository is remote exploitable and it was known prior to the upload, is this a case of $$ from VMware means more than security? I’m sorry but this is simply not acceptable from Canonical as far as I’m concerned. It isnt a case where VMware is distributing it, its us, or atleaste Canonical distributing it to STABLE releases.

At this point a patch to fix the issue will simply not be enough, I want to know why this happened. And whats going to be done to ensure the Distribution I spend many hours for volunteering isnt going to allow this to happen again.

I Love Ubuntu and hate to see things like this happen, lets ensure they dont.

/* annoyed */

I’m a developer, and my primary tool is my computer. Unfortunately, about 3 months ago, my computer died an untimely death, and I have resorted to using a pentium 200MHz machine with 256MB Ram, which lets me keep up with regular communications, but significantly slows the pace of development.

As a computer is a big purchase, and represents most of what I want to receive for the holidays, I’ve set up a fundraiser so that people who wanted to help towards this gift could do so without needing to purchase the entire thing (and to avoid the all too common problem of receiving 8 video cards and no RAM).

www.fundable.com allows me to accept pledges via paypal but NOT collect any unless the goal is met, so if you feel giving and pledge something, it will only be charged if the goal is met ( this is set at $250, which seems to be the minimum for a decent system, if more is collected, I can look at something better). You can read more about how fundable works from www.fundable.com/faq, and I’m more than happy to answer any questions via email, IRC, Jabber, etc.

It seems there is a long standing tradition to post a “Hello Planet” entry when being added to a new planet.

Well Hello http://planet.debian.org , My name is Brandon Holtsclaw, and have done a bit of Debian and Ubuntu work over the last few years ( and hopefully will continue to do-so ). Only my posts taged with “planet-debian” are fed here so hopefully I wont spam totaly “unrealated to debian” things. Thanks Mako for getting me all setup.

If you would like to see all my posts or know a little bit more about me you can follow these few links ( or drop me an email ):
http://www.imbrandon.com/
http://qa.debian.org/[..]
https://launchpad.net/~imbrandon

Nothing more to see here … move along.

Inspired by the xkcd webcommic below, the guy over at VirtualRoadside.com came up with this HACK ( not used as redefined by modern language as a Script Kiddie, a true Hack(er) )

Very cool, I only have one word: Classic

The UbuntuWire Server Development Team is pleased to announce the resumption of the UbuntuWire Community Network, with the introduction of people.ubuntuwire.com and qa.ubuntuwire.com The UbuntuWire community has reorganised, and expects to be able to provide additional services in the future.

people.ubuntuwire.com provides local accounts for all Ubuntu developers, with limited web hosting and job scheduling on an Ubuntu 7.04 server. This resource is intended as a base for collaboration and sharing of simple scripts, interesting data files, and similar information in support of Ubuntu development.

qa.ubuntuwire.com provides access to regularly scheduled runs of many of the automated Quality Assurance scripts available, and is expected to be a useful resource in ensuring the overall quality of future Ubuntu releases.

About the UbuntuWire Community Network

The UbuntuWire Community Network was first established in February 2006, providing multi-architectural build services for Ubuntu developers, has been hosting REVU since August 2007, and introduced an Ubuntu-specific Google powered search engine in October 2007.

UbuntuWire grew out of a desire to provide a single set of static resources for Ubuntu developers, that otherwise is distributed over a wide variety of hosts, with different update rates and different levels of stability. By coordinating the administration of available servers, and providing consistent linking to recommended services, UbuntuWire hopes to fill the gap between what Canonical Ltd. is able to provide for the Ubuntu development community, and what is needed for an efficient workflow.

UbuntuWire is growing. If you would like to sponsor additional equipment, or facilities in which equipment could be hosted, please contact the UbuntuWire Community Development Team at community-development@ubuntuwire.com.

For more information, please visit www.ubuntuwire.com