From owner-freebsd-security Thu Jul 13 13:10:47 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id EC89B37C5FC for ; Thu, 13 Jul 2000 13:10:42 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id OAA27028; Thu, 13 Jul 2000 14:10:17 -0600 (MDT) Message-Id: <4.3.2.7.2.20000713140559.04b7aec0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Thu, 13 Jul 2000 14:10:12 -0600 To: Matt Heckaman From: Brett Glass Subject: Re: Two kinds of advisories? Cc: security@FreeBSD.ORG In-Reply-To: References: <4.3.2.7.2.20000713120631.04d53b60@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 01:55 PM 7/13/2000, Matt Heckaman wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >*sigh* Yeah.. This has been bugging me for a while too. It creates alot of >misinformation about FreeBSD and makes us look worse than what the truth >is. Ever go to any of the uhm.. "security" sites and do a search on FreeBSD? Yep. You get tons of hits. A recent article also overestimated the number of security problems in FreeBSD because the person who compiled the statistics used message headers from Bugtraq and didn't cull the problems which were due to ports. One way to deal with this problem would be to remove the name FreeBSD from the header altogether, labeling the effort to report bugs in ports with some other name. Other ideas? --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message