Date: Mon, 20 Mar 2000 21:22:55 -0600 (CST) From: Frank Tobin <ftobin@uiuc.edu> To: FreeBSD-security Mailing List <freebsd-security@FreeBSD.ORG> Subject: Re: ports security advisories.. Message-ID: <Pine.BSF.4.21.0003202121020.30844-100000@isr4033.urh.uiuc.edu> In-Reply-To: <20000320154614.A63670@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Dave McKay, at 15:46 -0600 on Mon, 20 Mar 2000, wrote: > Is it really necessary to post the ports security advisories? > The exploitable programs are not part of the FreeBSD OS, they > are third party software. I think the proper place for these > is the Bugtraq mailing list on securityfocus.com. Also to add > to the arguments, most of the advisories are not FreeBSD > specific. These advisories can often be considered FreeBSD specific because they can rely on how the port is maintained. For example, might they depend on whether we install the program setuid root or games, or if we accidentally might be applying a patch that could open/close the hole. -- Frank Tobin http://www.neverending.org/~ftobin/ "To learn what is good and what is to be valued, those truths which cannot be shaken or changed." Myst: The Book of Atrus To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003202121020.30844-100000>