Batching errata & advisories in heaps degrades security.

Steven Hartland killing at multiplay.co.uk
Thu May 5 16:38:01 UTC 2016



On 05/05/2016 17:25, Julian H. Stacey wrote:
> Benjamin Kaduk wrote:
>
>> As a member of the security team for two projects (not FreeBSD's, though),
>> I can say that it is a lot of behind-the-scenes work to put out
>> advisories,
> Of course.
>
>> and batching them reduces the unit cost of any given one.
> If so, their issue, not ours.  Our concern is FreeBSD.
>
>
>> the
>> contents of the errata notices have been public for quite some time
> URLs? If info was complete early, delaying those announcements
> degraded security of recipients. Batching also swamps recipients.
>
Totally the opposite, it means one rollout instead of X rollouts, making
it simpler, not harder.

