© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Yes, see second-to-last question of:
http://
What's needed now is
1) a request to be made from Ubuntu pointing out to upstream that it is a significant issue they should address (either with this patch or some other way), and
2) meanwhile, either apply the patch, or make available alternative versions of openssh-client and openssh-server that have the patch applied, as other distros have.
Given the nature of security software, I can understand not wanting to apply the patch if upstream hasn't, but providing clearly-marked alternatives should not be similarly inhibited. It's a factor of 20 performance improvement we're talking about here.
Also, if you make alternatives available, please do not disable the None cipher. It's hard enough to enable that nobody will use it accidentally, but for LANs it can make a factor of 4 or more speed difference, which is a lot for those of us dealing with terabyte datasets and trying to back them up over the net.
Thanks again,
--jh--