FLAME - security advisories on the 23rd ? uncool idea is uncool

Shawn Webb lattera at gmail.com
Fri Dec 23 21:45:07 UTC 2011


As others have mentioned, you don't _have_ to patch this weekend. All
of the vulnerabilities have been [semi-]public knowledge for at least
a week. What's the harm in waiting till next week? Just pretend like
the patches came in on Tuesday.

I, for one, am grateful that FreeBSD has provided patches. It allows
people who do have the time/ability to patch this weekend to do just
that. If you don't want to, then don't. Simple as that.

Thanks,

Shawn

On Fri, Dec 23, 2011 at 2:40 PM, George Kontostanos
<gkontos.mail at gmail.com> wrote:
> On Fri, Dec 23, 2011 at 10:48 PM, Gary Palmer <gpalmer at freebsd.org> wrote:
>> On Fri, Dec 23, 2011 at 08:55:35PM +0200, George Kontostanos wrote:
>>> On Fri, Dec 23, 2011 at 8:40 PM, Matthew Seaman
>>> <m.seaman at infracaninophile.co.uk> wrote:
>>> > On 23/12/2011 18:05, George Kontostanos wrote:
>>> >> Are all cvs mirror servers updated regarding these changes ?
>>> >>
>>> >> ANYBODY ????
>>> >
>>> > Should have by now. ?Commits usually take about an hour to propagate to
>>> > the official cvsup servers.
>>> >
>>> > Easy enough to tell though -- the advisories have all the version
>>> > numbers in, and you'ld only need to check a file or two from each of
>>> > them to be reasonably sure you'ld got all the updates.
>>> >
>>> > ? ? ? ?Cheers,
>>> >
>>> > ? ? ? ?Matthew
>>> >
>>> > --
>>> > Dr Matthew J Seaman MA, D.Phil. ? ? ? ? ? ? ? ? ? 7 Priory Courtyard
>>> > ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?Flat 3
>>> > PGP: http://www.infracaninophile.co.uk/pgpkey ? ? Ramsgate
>>> > JID: matthew at infracaninophile.co.uk ? ? ? ? ? ? ? Kent, CT11 9PW
>>> >
>>>
>>> Thanks for the info Matthew. I think though that it is best for all to
>>> first make sure that the servers all updated before sending out all
>>> those security advisories.
>>
>> I don't believe they're monitored like that.  If you want the updates
>> quickly, download the files referenced in the advisories.  My build was
>> done before my local cvsup server picked up the changes.
>>
>> Gary
>
> Yes, that's easy if you dealing with one server. But it is very
> different when you have to apply those patches to 20 different servers
> that are in different locations. Having a local cvsup server doing
> this job tends to make updating easier.
>
> In any case, and IMHO this was not the proper time for this kind of
> advisories considering the fact that many companies are in a freeze
> period.
>
> Cheers
>
> --
> George Kontostanos
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"


More information about the freebsd-stable mailing list