And all code that gets linked into security-critical applications/libraries needs to be covered by some sort of security-focused code review.
So no patching the compression code that OpenSSL links to with random junk distribution maintainers.