Date: Sat, 30 Sep 2000 01:05:23 -0700 From: Jordan Hubbard <jkh@winston.osd.bsdi.com> To: "Brian F. Feldman" <green@FreeBSD.ORG> Cc: Roman Shterenzon <roman@xpert.com>, Kris Kennaway <kris@FreeBSD.ORG>, security@FreeBSD.ORG Subject: Re: cvs commit: ports/mail/pine4 Makefile (fwd) Message-ID: <97960.970301123@winston.osd.bsdi.com> In-Reply-To: Message from "Brian F. Feldman" <green@FreeBSD.ORG> of "Sat, 30 Sep 2000 00:24:00 EDT." <200009300424.e8U4O1533513@green.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> So, how about it? Should we set up a page so we have a URL to put in the > Pine insecurity notice that shows, "you can live without Pine"? I'd propose > the first two most popular mailers (it seems) after Pine: mutt and exmh. I seriously doubt anybody would be willing to go to that much trouble, making this suggestion sort of a no-op at best. It seems to me that we'll be getting just a tad like those 50's politicians who saw communists under every bed if we're just going to start blacklisting useful ports left and right without fixing them. If we can prove a vulnerability (and not just the risk of one, since risks are everywhere) then we should FIX the vulnerability and move on. We don't have to get the changes taken back and we don't have to do anything fancier than drop patches into the relevant ports directories. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?97960.970301123>