FLAME - security advisories on the 23rd ? uncool idea is uncool

Kurt Buff kurt.buff at gmail.com
Sat Dec 24 17:05:55 UTC 2011

On Fri, Dec 23, 2011 at 08:07, Damien Fleuriot <ml at my.gd> wrote:
> Hey up list,
> Look, just a rant here.
> Who in *HELL* thought it would be a cool idea to release no less than
> FOUR security advisories today ?

I'm guessing the Security Officer and those with whom he consults.
Just a thought, since that's who sent the email.

> I mean, couldn't this have waited and remained undisclosed until monday ?

Does "active exploitation in the wild" mean anything to you?

> I for one do *NOT* relish the idea of updating 50+ boxes this evening
> and tomorrow !

Sucks to be you. You knew the job was dangerous when you took it, and
if you didn't, well, then, bummer, it's what comes with the territory.

I just spent my day yesterday downing my entire server environment in
the US to upgrade the electrical, and it was a paid holiday for the

As a sysadmin, you should know that these things happen, and learn to
deal with them.

> Not to mention a whole lot of merchants and banks have toggled IT Freeze
> a few weeks ago, to ensure xmas shopping doesn't get disturbed by
> production changes.

Yeah. It's hell being a professional.

> Seriously, this is just irritating.

Cry me a river. You should be thanking the team for getting the
releases to you as fast as possible, so you can take effective
measures ASAP.


More information about the freebsd-stable mailing list