Batching errata & advisories in heaps degrades security.
Julian H. Stacey
jhs at berklix.com
Thu May 5 16:25:36 UTC 2016
Benjamin Kaduk wrote:
> As a member of the security team for two projects (not FreeBSD's, though),
> I can say that it is a lot of behind-the-scenes work to put out
> advisories,
Of course.
> and batching them reduces the unit cost of any given one.
If so, their issue, not ours. Our concern is FreeBSD.
> the
> contents of the errata notices have been public for quite some time
URLs ? If info was complete early, delaying those announcement
degraded security of recipients. Batching also swamps recipients.
Julian
--
Julian Stacey, BSD Linux Unix Sys Eng Consultant Munich http://berklix.eu/jhs/
Mail plain text, No quoted-printable, HTML, base64, MS.doc.
Prefix old lines '> ' Reply below old, like play script. Break lines by 80.
Brexit: Meeting +UK blocks votes of Brits in EU http://www.berklix.eu/brexit/
More information about the freebsd-security
mailing list