FLAME - security advisories on the 23rd ? uncool idea is uncool
Joe Holden
lists at rewt.org.uk
Fri Dec 23 16:52:15 UTC 2011
The serious one (telnetd) is already being exploited in the wild, and if
you're running telnetd anyway then you can always switch to ssh or acl
the port, either way it is a relative non-issue to ignore the update for
now...
Damien Fleuriot wrote:
> My point (which may or may not be valid) was that if the vulnerabilities
> remained *undisclosed*, they would have a much lower chance of being
> exploited.
>
>
>
> On 12/23/11 5:47 PM, Joe Holden wrote:
>> So don't update until Monday? The outcome will be the same :)
>>
>> Damien Fleuriot wrote:
>>> Hey up list,
>>>
>>>
>>>
>>> Look, just a rant here.
>>>
>>>
>>> Who in *HELL* thought it would be a cool idea to release no less than
>>> FOUR security advisories today ?
>>>
>>> I mean, couldn't this have waited and remained undisclosed until monday ?
>>>
>>> I for one do *NOT* relish the idea of updating 50+ boxes this evening
>>> and tomorrow !
>>>
>>>
>>> Not to mention a whole lot of merchants and banks have toggled IT Freeze
>>> a few weeks ago, to ensure xmas shopping doesn't get disturbed by
>>> production changes.
>>>
>>>
>>> Seriously, this is just irritating.
>>>
>>>
>>> /flame
>>> _______________________________________________
>>> freebsd-stable at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
More information about the freebsd-stable
mailing list