On Thu, Aug 5, 2010 at 10:13 AM, Tim Starling tstarling@wikimedia.org wrote:
Or indeed, that they don't create new bugs that are even worse (as Kurt Roeckx did with his famous fix for some spurious valgrind warnings in OpenSSL).
The onus isn't 100% on Debian, partial blame can be on the OpenSSL team for not saying "Hey that's a stupid idea" when he asked about his 'fix'.