Alexander Bluhm
Alexander Bluhm is an OpenBSD developer since 2007. His main area
of work is the network stack. He is employed at genua, a German
firewall manufacturer, who wants secure, reliable and fast OpenBSD
as base for its products. Other areas of interest are the errata
process, maintaining Perl ports, and fixing all kinds of bugs.
Session
Embargoes create myth about security fixing. In OpenBSD we have an
errata process to provide source and binary patches for stable
releases. This requires a mixture of secrecy and fast acting.
What are the requirements for a small team to build fixes? Where
is the line between security issues and regular bug fixes? What
effect does the number of increased AI reports have on this process?
There is a CVE, will there be a fix? How do companies with products
based on OpenBSD interact?
This talk will answer these questions and we may also collect
interesting views from the audience.