From owner-freebsd-hackers Mon Mar 20 13:57:15 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from tandem.milestonerdl.com (tandem.milestonerdl.com [204.107.138.1]) by hub.freebsd.org (Postfix) with ESMTP id 8905537BA14; Mon, 20 Mar 2000 13:56:52 -0800 (PST) (envelope-from marc@milestonerdl.com) Received: from tandem.milestonerdl.com (tandem.milestonerdl.com [204.107.138.1]) by tandem.milestonerdl.com (8.10.0/8.10.0) with ESMTP id e2KLtDQ03532; Mon, 20 Mar 2000 15:55:13 -0600 (CST) Date: Mon, 20 Mar 2000 15:55:12 -0600 (CST) From: Marc Rassbach To: Dave McKay Cc: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: ports security advisories.. In-Reply-To: <20000320154614.A63670@elvis.mu.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Is it necessary to post ports security advisories? YES. Should they be on this list? You think not. And until a list exists for security on FreeBSD not related to core OS/packages, this is the best forum for it, as it relates to FreeBSD Security. On Mon, 20 Mar 2000, Dave McKay wrote: > Is it really necessary to post the ports security advisories? > The exploitable programs are not part of the FreeBSD OS, they > are third party software. I think the proper place for these > is the Bugtraq mailing list on securityfocus.com. Also to add > to the arguments, most of the advisories are not FreeBSD > specific. > > -- > Dave McKay > Network Engineer - Google Inc. > dave@mu.org - dave@google.com > I'm feeling lucky... > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message