FreeBSD's heartbleed response
Mike Tancsa
mike at sentex.net
Tue Apr 8 18:00:09 UTC 2014
On 4/8/2014 1:42 PM, Chris Nehren wrote:
> later, FreeBSD remains unpatched. There are many worried
> sysadmins and other users in #freebsd and elsewhere wondering
> what's going on and when their systems will be patched. So far
> all we have is an unofficial gist on github and some discussion
> here (which most users don't see) with no further information.
> More transparency is needed.
* The port was very quickly updated.
* Xin posted a working patch to the list for those who really wanted to
apply it.
* I think it reasonable that code touching such a CRITICAL aspect of the
OS be *well* reviewed before getting committed. IIRC there was a quick
fix to an openssl bug in the past that then had to be fixed again.
* What is stopping people who care about security from joining, or
following this mailing list ?
---Mike
--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
More information about the freebsd-security
mailing list