FLAME - security advisories on the 23rd ? uncool idea is uncool
Damien Fleuriot
ml at my.gd
Fri Dec 23 16:57:06 UTC 2011
On 12/23/11 5:54 PM, Bas Smeelen wrote:
>> Look, just a rant here.
>
>
>> Who in *HELL* thought it would be a cool idea to release no less than
>> FOUR security advisories today ?
> What's the impact for your boxes?
>
Only the BIND exploit concerns me, means that *potentially* servers for
my projects might be unable to run DNS resolution anymore -> prod problems.
I don't think we'll be getting trouble though so I'm postponing the
update until next week.
>> I mean, couldn't this have waited and remained undisclosed until monday ?
> Best time to exploit is Christmas/holidays
>
>> I for one do *NOT* relish the idea of updating 50+ boxes this evening
>> and tomorrow !
> updating 30 boxes right now
>
>> Not to mention a whole lot of merchants and banks have toggled IT Freeze
>> a few weeks ago, to ensure xmas shopping doesn't get disturbed by
>> production changes.
>
>
>> Seriously, this is just irritating.
> If you don't use telnet, ftpd, dns, pam, then it's not a big problem
>
> merry Christmas
>
> Disclaimer: http://www.ose.nl/email
>
More information about the freebsd-stable
mailing list