Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 06 Apr 2001 13:04:31 -0700
From:      "Bruce A. Mah" <bmah@FreeBSD.ORG>
To:        Roger Marquis <marquis@roble.com>
Cc:        security@FreeBSD.ORG
Subject:   Re: http://www.freebsd.org/security being maintained? (ntpd/ftpd/...) 
Message-ID:  <200104062004.f36K4Vc96330@bmah-freebsd-0.cisco.com>
In-Reply-To: <Pine.BSF.4.21.0104042009120.3808-100000@roble.com> 
References:  <Pine.BSF.4.21.0104042009120.3808-100000@roble.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
--==_Exmh_338369850P
Content-Type: text/plain; charset=us-ascii

If memory serves me right, Roger Marquis wrote:
> Is anyone maintaining http://www.freebsd.org/security/?  I ask
> because it hasn't been updated in over a month and contains no
> information on the ntpd or ftpd vulnerabilities.

Well, for the ntpd problem, that just cropped up in the last 48 hours, 
and the latest commits to -CURRENT and -STABLE happened within the last
4 hours.  It's kind of premature to issue an advisory before the 
problem has been completely fixed...give security-officer@ a break, 
already...  :-)

That being said, you do have a point in that the Web page isn't
up-to-date.  I'll add that the FTP archive of advisories is missing
several files as well.  

As a result, the release notes cross-reference security advisories that
no one can find (specifically 01:28 and 01:29). 

I don't know if this more the domain of the Web site maintainers or the
security-officer team, but it'd be real nice to get these two things
fixed up before 4.3-RELEASE.  Anyone?  Thanks from Mr. Relnotes.

Cheers,

Bruce.



--==_Exmh_338369850P
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: Exmh version 2.2 06/23/2000

iD8DBQE6ziFO2MoxcVugUsMRAus/AKD51aIPwzEKiDr0MUNJNwyYTTIVdgCfWq8A
KXdX42Elg3hMjRfMTY7LhaI=
=GnfW
-----END PGP SIGNATURE-----

--==_Exmh_338369850P--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104062004.f36K4Vc96330>