I’m sure you’ve read about Debian’s OpenSSL blunder. If not here’s a recap on Linux.com.
I’m just wondering… is it possible that the pain will be so great for admins that the great stable debian will be discontinued from production server use? I would (but I don’t use debian based systems for anything but livecds), seriously this is a hugely idiotic mistake, the pain of which is only beginning. This may in fact be the biggest security blunder I have ever heard of in open source.