From owner-freebsd-hackers Wed Apr 25 10:25: 7 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from silby.com (adam042-060.resnet.wisc.edu [146.151.42.60]) by hub.freebsd.org (Postfix) with ESMTP id 7C0D137B424 for ; Wed, 25 Apr 2001 10:24:57 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 7147 invoked by uid 1000); 25 Apr 2001 17:24:47 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 25 Apr 2001 17:24:47 -0000 Date: Wed, 25 Apr 2001 12:24:47 -0500 (CDT) From: Mike Silbersack To: "Karsten W. Rohrbach" Cc: Kris Kennaway , "Andrew R. Reiter" , Rich Morin , Subject: Re: automated checking of Security Advisories In-Reply-To: <20010425164827.I17348@mail.webmonster.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 25 Apr 2001, Karsten W. Rohrbach wrote: > oldver: bind-8.2.2 > newver: bind-8.2.3 If we're going to flag insecure versions, I think a better way would be to list "minimum version", which would indicate the lowest numbered version you can safely run. This could also be incorporated into the Makefile for each port so that pkg_version could issue alerts even before security advisories are issued (or after, if you missed some advisories.) Of course, there's the issue of bind 8.x.x versus 9.x.x. I'm not sure how to resolve what minimum version would refer to. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message