From owner-freebsd-security@FreeBSD.ORG Tue Oct 11 13:30:54 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A5F5A16A421 for ; Tue, 11 Oct 2005 13:30:54 +0000 (GMT) (envelope-from jere@htnet.hr) Received: from ls405.htnet.hr (ls405.htnet.hr [195.29.150.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED8D143D46 for ; Tue, 11 Oct 2005 13:30:53 +0000 (GMT) (envelope-from jere@htnet.hr) Received: from ls422.t-com.hr (ls422.t-com.hr [195.29.150.237]) by ls405.htnet.hr (0.0.0/8.12.10) with ESMTP id j9BDUcX3032165; Tue, 11 Oct 2005 15:30:46 +0200 Received: from ls422.t-com.hr (localhost.localdomain [127.0.0.1]) by ls422.t-com.hr (Qmlai) with ESMTP id BF58A988043; Tue, 11 Oct 2005 15:30:46 +0200 (CEST) X-Envelope-Sender: jere@htnet.hr X-Envelope-Sender: jere@htnet.hr Received: from ls422.t-com.hr (localhost.localdomain [127.0.0.1]) by ls422.t-com.hr (Qmlai) with ESMTP id A99B7988042; Tue, 11 Oct 2005 15:30:46 +0200 (CEST) Received: from [195.29.148.251] (bla.htnet.hr [195.29.148.251]) by ls422.t-com.hr (Qmlai) with ESMTP id 6AFE28B8071; Tue, 11 Oct 2005 15:30:46 +0200 (CEST) Message-ID: <434BBF09.6040101@htnet.hr> Date: Tue, 11 Oct 2005 15:32:57 +0200 From: jere Organization: bla User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050428) X-Accept-Language: en-us, en MIME-Version: 1.0 To: jimmy@inet-solutions.be References: <200510111202.j9BC2obf081876@freefall.freebsd.org> <1129036481.434bbac1720a6@webmail.boxke.be> In-Reply-To: <1129036481.434bbac1720a6@webmail.boxke.be> X-Enigmail-Version: 0.89.6.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Tue, 11 Oct 2005 13:38:52 +0000 Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Oct 2005 13:30:54 -0000 unfortunately, this is the dark side of FreeBSD security patch management :) and I think also the main reason FreeBSD isn't so widely deployed into enterprise environments. It's ok for hacking or managing few boxes but try to imagine how to manage security on hundreds of them this way. :( on the other side (bright side :) you can try to use unofficial and often somewhat slowly updating solutions such as bsdupdate (www.bsdupdates.com) or freebsd-update (from ports tree). currently, FreeBSD just don't have a mechanism to handle security advisories in quick way. any suggestions/corrections ? j. jimmy@inet-solutions.be wrote: > Quoting FreeBSD Security Advisories : > > >>============================================================================= >>FreeBSD-SA-05:21.openssl Security Advisory >> The FreeBSD Project > > [..] > >>c) Recompile the operating system as described in >>>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html >. > > > Is there any reason why one would need to compile the whole operating system? > I can understand that static linked apps need to be recompiled, but which > are there actually any at all (and linked against openssl)? > > Kind regards, > Jimmy Scott > > ---------------------------------------------------------------- > This message has been sent through ihosting.be > To report spamming or other unaccepted behavior > by a iHosting customer, please send a message > to abuse@ihosting.be > ---------------------------------------------------------------- > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >