From owner-freebsd-questions@FreeBSD.ORG Mon Sep 14 21:44:47 2009 Return-Path: Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 210B61065672 for ; Mon, 14 Sep 2009 21:44:47 +0000 (UTC) (envelope-from erikt@midgard.homeip.net) Received: from ch-smtp01.sth.basefarm.net (ch-smtp01.sth.basefarm.net [80.76.149.212]) by mx1.freebsd.org (Postfix) with ESMTP id CF7098FC19 for ; Mon, 14 Sep 2009 21:44:46 +0000 (UTC) Received: from c83-255-48-78.bredband.comhem.se ([83.255.48.78]:60616 helo=falcon.midgard.homeip.net) by ch-smtp01.sth.basefarm.net with esmtp (Exim 4.68) (envelope-from ) id 1MnJKu-0004VI-4B for freebsd-questions@FreeBSD.org; Mon, 14 Sep 2009 23:43:50 +0200 Received: (qmail 27599 invoked from network); 14 Sep 2009 23:43:45 +0200 Received: from owl.midgard.homeip.net (10.1.5.7) by falcon.midgard.homeip.net with ESMTP; 14 Sep 2009 23:43:45 +0200 Received: (qmail 35330 invoked by uid 1001); 14 Sep 2009 23:43:45 +0200 Date: Mon, 14 Sep 2009 23:43:45 +0200 From: Erik Trulsson To: Mikel King Message-ID: <20090914214345.GA24467@owl.midgard.homeip.net> References: <4AAE95B2.5050409@sitpub.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) X-Originating-IP: 83.255.48.78 X-Scan-Result: No virus found in message 1MnJKu-0004VI-4B. X-Scan-Signature: ch-smtp01.sth.basefarm.net 1MnJKu-0004VI-4B aaf6fa8649931666a2e9cf85ea9921bd Cc: media@FreeBSD.org, freebsd-questions@FreeBSD.org, dgoodin@theregister.com, press@FreeBSD.org Subject: Re: reporter on deadline seeks comment about reported security bug in FreeBSD X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2009 21:44:47 -0000 On Mon, Sep 14, 2009 at 05:21:48PM -0400, Mikel King wrote: > > On Sep 14, 2009, at 3:12 PM, Dan Goodin wrote: > > > Hello, > > > > Dan Goodin, a reporter at technology news website The Register. > > Security > > researcher Przemyslaw Frasunek says versions 6.x through 6.4 of > > FreeBSD > > has a security bug. He says he notified the FreeBSD Foundation on > > August > > 29 and never got a response. We'll be writing a brief article about > > this. Please let me know ASAP if someone cares to comment. > > > > Kind regards, > > > > Dan Goodin > > 415-495-5411 > > Hasn't 6.x been End Of Lifed? Not at all. The 6.2 and earlier releases have been EOL'd, but 6.3 and 6.4 are still supported by the security team. 6.4 (and 6.x in general) will be supported until November 2010, which is more than a year away. (See http://security.freebsd.org/ for official EOL information.) > I mean considering that 8.0 is expected > to be released either later this month or early next, and 6.x will be > officially retired at that time, is it possible that this was > overlooked? Personally I don't think it's ever good to overlook > security, especially in the case of a root exploit. > > http://www.freebsd.org/releases/6.4R/announce.html -- Erik Trulsson ertr1013@student.uu.se