Date: Tue, 10 Apr 2001 15:43:47 -0700 (PDT) From: Nicole Harrington <nmh@daemontech.com> To: Ben Smithurst <ben@FreeBSD.org> Cc: freebsd-security@freebsd.org, Michael Bryan <fbsd-secure@ursine.com>, Michael Nottebrock <michaelnottebrock@gmx.net> Subject: Re: Security Announcements? Message-ID: <XFMail.010410154347.nmh@daemontech.com> In-Reply-To: <20010410215014.A8173@scientia.demon.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10-Apr-01 Ben Smithurst wrote: > Michael Nottebrock wrote: > > >> It certainly is starting to irritate people running >> 4.2-Release. > > Well if you want the latest security fixes you shouldn't be running a > -release anyway, that's that the -stable branch is for. > Thats the most stupid thing I have every heard. I never knew that simply by running -STABLE I would not have any security problems and would not need patches or updates. As someone who runs many production level servers here is what I would want In order: 1) A notice that there is problem - So I can tcpwrap or shutdown said service until a patch is available. 2) A binary patch. Similiar to the Linux RPM.s and the BSDi patches. Just download and run. No compiles no installs. 3) A patch that everyone agrees works in an email or other notification that says, here's were you can get the patch, this works, here's what to do with it. From my perspective it took days for people to stop discussing what patch was best for ntpd and I still never heard a full resolution on the mailing list. No official blessing of a patch other than what I would get via CVSUP. I have production servers, I can't run a CVsup everyday, let alone a make world. Yes I may have missed a few mails or something. But expecting people to spend their days tracking down patches and notices abt problems kinda negates the whole idea of a security mailing and notification. The process seemed much better in the past, but lately, it has been much less than optimal. Just my 2C Nicole > -- > Ben Smithurst / ben@FreeBSD.org > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message ---------------------------------- E-Mail: Nicole <nmh@daemontech.com> Date: 10-Apr-01 Time: 15:26:44 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.010410154347.nmh>