From owner-freebsd-ports@freebsd.org Wed Apr 4 07:00:59 2018 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 69E91F97446 for ; Wed, 4 Apr 2018 07:00:59 +0000 (UTC) (envelope-from thomas.e.zander@googlemail.com) Received: from mail-wr0-x232.google.com (mail-wr0-x232.google.com [IPv6:2a00:1450:400c:c0c::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EEBB48F30D for ; Wed, 4 Apr 2018 07:00:58 +0000 (UTC) (envelope-from thomas.e.zander@googlemail.com) Received: by mail-wr0-x232.google.com with SMTP id z73so20896376wrb.0 for ; Wed, 04 Apr 2018 00:00:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=iK/csvEGcmvved5f8BzuehvoFt93Qq+xvTtAB/GIrqY=; b=GdKuSVhM3rX1fzq+LyOK3JjDMA17/oxeoBck+aVr15/5kL5eV9Mek0mBv/UOYcl9Ix R9NxpDj8nmwi1GBKcuk3PN+fkdURsdFYO2y1OvRrPFbOa59+maURpk/pcAyO26PQE7D+ Aky07CURGJNgmoo9JMb65KcToZCdQaN/CJY0lIaBX5ZrZ+wDHKDPRhvHLPmMecerSIUh fKYDCMhRSxsGI0iOwddZCtZfjPGEXs/MHqbloMDPkm5cqD6n96uwao/eXOzwYewof4Y8 OfZffeWPp0zNU6UCed48F2Qpq9uldUsEpeo/8uLp1xacSQXFA51G/aDQ7VBaDYd2G/Ew 2xRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=iK/csvEGcmvved5f8BzuehvoFt93Qq+xvTtAB/GIrqY=; b=JciUOMSaWyhcMfBzq/FYTmbraKg1DE7DThbBlvakzRRYa/D9LB7VcrmPExtrFF7dcE SDpokoGKvALWzFFwXoJaotZ5Y23h3Vd+syhZO9XG904IOocgXzo6yZbUky2U+bOSnltX MY6jfAjTT0H0nOiRkEgofaeCJ/6UwjoD4YgM9jbM2dwE4Ip+RhLajNSvfNyb3b9oF0A7 yV0N2uko4aq549THv45yxX6GFuULFAmlSKqZVMT6TvgWr7B01HzgfTERqUZ+/VUvRAOr D8ZlPd/NC+2mPEvslqft2xDZl7HeTsOODawEDR9rFgKXky0mJamFFaZ5yJydoATaC4GR D7Bw== X-Gm-Message-State: AElRT7EvJ4pmbU8ILaZEgcXEL/2RFel7tds/lbI4958iPDFpUigTXEAI MeH/9Mzp65p0EbppOFZv3Fk1VcPunWqb3VjWfn2ddw== X-Google-Smtp-Source: AIpwx4+hvnpsm8kedTIzbavu1OefAv07dtV5GInE/tuHlEV7118AoOLAlOmyugAVWFCRWu1XhZ8P7UFWikeC3FrBes8= X-Received: by 10.223.169.232 with SMTP id b95mr12497405wrd.96.1522825257582; Wed, 04 Apr 2018 00:00:57 -0700 (PDT) MIME-Version: 1.0 Sender: thomas.e.zander@googlemail.com Received: by 10.28.135.14 with HTTP; Wed, 4 Apr 2018 00:00:57 -0700 (PDT) In-Reply-To: <3757bd87-a536-c3ae-ef71-1a68fe6c3e45@bluerosetech.com> References: <3757bd87-a536-c3ae-ef71-1a68fe6c3e45@bluerosetech.com> From: Thomas Zander Date: Wed, 4 Apr 2018 09:00:57 +0200 X-Google-Sender-Auth: gyC_93hBKJomBMQjv-7l91NkUCs Message-ID: Subject: Re: How to get timely MFH of security commits? To: Mel Pilgrim Cc: Freebsd Ports Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 07:00:59 -0000 Hi, On 2 April 2018 at 18:50, Mel Pilgrim wrote: > The update to net/samba4{5,6,7} addressing CVEs went to head on March 13. > The security/openssl update to 1.0.2o was committed to head with MFH 2018Q1 > explicitly asked for in the commit message. In both cases, 2018Q1 expired > before the MFH happened. > [...] > Can those of us who aren't committers do anything to help improve this > process? the timely MFH of important security fixes is of course our top concern. In the given example of the samba fixes, we did not receive an email (which happens automatically when the MFH: tag in the commit message refers to a quarterly branch) to ports-secteam on March 13, hence this apparently slipped our attention for several days. If you feel like an important and/or urgent fix that needs MFH might have slipped, i.e. two days after the commit to head happened, please do not hesitate and give us a heads-up to ports-secteam@freebsd.org. Best regards Riggs