From owner-freebsd-questions@freebsd.org  Wed Mar 16 12:27:11 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 84B8BAD0EF9;
 Wed, 16 Mar 2016 12:27:11 +0000 (UTC)
 (envelope-from kraduk@gmail.com)
Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com
 [IPv6:2a00:1450:400c:c09::235])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 1C463D08;
 Wed, 16 Mar 2016 12:27:11 +0000 (UTC)
 (envelope-from kraduk@gmail.com)
Received: by mail-wm0-x235.google.com with SMTP id p65so187531242wmp.1;
 Wed, 16 Mar 2016 05:27:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc; bh=oBSePLZcjdXvJvdDIy7WdDmln58XB8dRBcAaHrKhsW4=;
 b=dS7BxtaYNp7YwYmPQuoc+FM6fUzHsVuXSoaiIcE5Jeh9/YxCNF1EquyjFSe0HCNkli
 DQiXCxWFKg61eNaU/SkLQwzthxfAXtWBxqPzFDbbKedd9i2ca3/xS0qJE7DnSiF9q6j0
 jNpr0edKgdToEl9IgOQEyRujxteJUnQAT9DnfNF+Euqo3uaneZpuNHOFKzWIVND2vkDH
 je5TXpHnVPSD7HM49tJ1aEYqBsPTqSnnap1XUNiSMweuNxx1Xbs26AMDZjA9tc5StbRg
 IS9tqNNUlNxOsGtNLiHDvhyOdKbUiFgtPnkxAuFfKkPZx9N6VeEquH28NUOGwkbuukXW
 b5Mg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:date
 :message-id:subject:from:to:cc;
 bh=oBSePLZcjdXvJvdDIy7WdDmln58XB8dRBcAaHrKhsW4=;
 b=bgGUz79YYJ8uwGe6CoI+VY0VhwyKgPHb1M2q4G5IJG8ngXbVT14XEg/8KH+DZ5PRbE
 VdDME/3zYGGVIBvW4Hn3wgj6m7S81n4bwzOC4V4p+uZkWM1ojS9NsjrNR1G8zoGnENbP
 OlkSZEjUuX1jMI204FKdgryaa45Y2JtADpROWYnBqd8imOdACboqLaHQnYme8ptjIyau
 2XgrszDDmxf83EtUU4gcjzf/t2kN6NfKAnl9+FkpUFv8aGKjcz8pfkcimZXf4EgMURAa
 UU0EPrMEuKonGS5Adl6okU+OgpxjINfGCHodLWwDbwJvNY0UJ3YRsz27Z1uP1uXXd5mL
 LAhA==
X-Gm-Message-State: AD7BkJJNMEl0s6pJeig4Futpd7Dy2F8iAy+ttjk3YHHMsZPpMRgiAr1Q571EMGyYFFxUPNM+GwM3gxrYLUnJWQ==
MIME-Version: 1.0
X-Received: by 10.194.113.130 with SMTP id iy2mr3560355wjb.56.1458131229269;
 Wed, 16 Mar 2016 05:27:09 -0700 (PDT)
Received: by 10.28.46.68 with HTTP; Wed, 16 Mar 2016 05:27:09 -0700 (PDT)
In-Reply-To: <91216ae32782a50986763e7bc1c3a339@dweimer.net>
References: <EEFD0376-2038-4801-9A7A-BF342B66F029@lafn.org>
 <20160305181742.9c3abe96.freebsd@edvax.de>
 <DE7BAC1A-0B40-4B2A-861A-6AE7B16FAC0D@lafn.org>
 <DBC62E3B-B07D-4A3F-AD22-E3EB62484725@lafn.org>
 <alpine.BSF.2.20.1603152209110.3734@wonkity.com>
 <D7F159DB-757F-4637-A9A7-B9F4C10F665C@lafn.org>
 <91216ae32782a50986763e7bc1c3a339@dweimer.net>
Date: Wed, 16 Mar 2016 12:27:09 +0000
Message-ID: <CALfReyfy0tL1m+4sSSYMZXH6JrhnhbK7g3jvxQYjL=SGg+J4fw@mail.gmail.com>
Subject: Re: Upcoming Releases
From: krad <kraduk@gmail.com>
To: dweimer@dweimer.net
Cc: Doug Hardie <bc979@lafn.org>, Polytropon <freebsd@edvax.de>, 
 FreeBSD Questions <freebsd-questions@freebsd.org>,
 owner-freebsd-questions@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.21
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2016 12:27:11 -0000

That was my understanding of it, and the worry was the package builds could
have been compromised. Therefore everything was rebuilt from scratch after
an audit had happened.

On 16 March 2016 at 11:23, dweimer <dweimer@dweimer.net> wrote:

> On 2016-03-16 12:20 am, Doug Hardie wrote:
>
>> On 15 March 2016, at 21:11, Warren Block <wblock@wonkity.com> wrote:
>>>
>>> On Wed, 9 Mar 2016, Doug Hardie wrote:
>>>
>>> I recently saw a comment in one of the maillists that 11.0 was likely to
>>>> have the new packetized base feature.  That tells me that 11.0 is most
>>>> likely to be dicey to work with.  I am reminded when the new pkg system
>>>> came out and the supporting servers were compromised.
>>>>
>>>
>>> To the best of my knowledge, there was no relation between pkg and any
>>> compromises.
>>>
>>
>> There was a period where the regular pkg servers were not available
>> because they had to be rebuilt.  I don't recall the dates.  It was not
>> pkg_ng, but the first major revision to pkg after that.
>>
>>
> It wasn't because of the pkg / pkg_ng update though, if memory servers me
> correct a committer's username/password was comprised. It was just a
> coincidence that it happened around the same time update, but wasn't
> related to it.
>
> --
> Thanks,
>    Dean E. Weimer
>    http://www.dweimer.net/
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe@freebsd.org"
>