black eye

Welte is hinting that VIA might walk down the path that open source developers point out, but there’s no guarantee of that.

Developers who worked with VIA in this way would be buying a pig in a poke, and trusting Welte’s word it will all work out.

As has been widely reported, the maintainers of Debian's OpenSSL packages made some errors recently that have potentially compromised the security of any sshd-equipped system used remotely by Debian users.

System administrators may wish to purge authorized_key files of public keys generated since 2006 by affected client machines.