The Stack Clash vulnerability

Peter Jeremy peter at rulingia.com
Thu Jun 22 22:30:34 UTC 2017 

On 2017-Jun-22 13:14:33 +0200, Michelle Sullivan <michelle at sorbs.net> wrote:
>I know, but with potentially serious issues even M$ issue patches for 
>older release...

To my knowledge, Microsoft has issued a patch on one occasion for an
especialy critical vulnerabilicy on an unsupported release.  I've seen
no indication that the Stack Clash vulnerability can be compared in
severity to WannaCry.

>hardware.... I have 9.x servers that 10.x/11.x and even 12.x are 
>unbootable (and given the nature of the hardware I expect people to say 
>'too old, you should replace the hardware' - not my call, and currently 
>not possible.)

FreeBSD is a volunteer project.  Supporting old releases requires effort
that increases as the release gets older.  The Project as a whole has
published a support policy that is intended to strike a balance between
requiring customers to upgrade (we realise that upgrading incurs a cost)
and spending volunteer effort on maintaining old releases.

Note that I am referring to _free_ support here.  Unlike Microsoft,
FreeBSD is open source.  If the level of free support provided by the
Project is insufficient for your needs, you always have the option of
paying someone to provide whatever level of support you want.  With
respect to your 9.x servers, no-one is saying you must replace the
hardware, just that the FreeBSD Project will not continue to provide
you with free support whilst you choose to run 9.x on them.  Note that
10.0 was released in January 2014, so you have had 3½ years to resolve
the problem that your servers aren't compatible with 10.x.

>Not asking for new versions or new releases.. just patches applied for 
>previous -STABLE trees....

As has been stated, the FreeBSD project will patch the supported -STABLE
trees.

-- 
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20170623/6064b506/attachment.sig>

More information about the freebsd-security mailing list