From owner-freebsd-security@FreeBSD.ORG Thu Sep 18 07:57:59 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5362316A4BF for ; Thu, 18 Sep 2003 07:57:59 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8224543FE1 for ; Thu, 18 Sep 2003 07:57:58 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 2CC3754861; Thu, 18 Sep 2003 09:57:58 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id BC19D6D454; Thu, 18 Sep 2003 09:57:57 -0500 (CDT) Date: Thu, 18 Sep 2003 09:57:57 -0500 From: "Jacques A. Vidrine" To: Nielsen Message-ID: <20030918145757.GE32994@madman.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , Nielsen , freebsd-security@freebsd.org References: <3F68FE17.5050700@memberwebs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3F68FE17.5050700@memberwebs.com> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: freebsd-security@freebsd.org Subject: Re: ftp.freebsd.org out of date? (WRT security advisories) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Sep 2003 14:57:59 -0000 On Thu, Sep 18, 2003 at 12:39:47AM +0000, Nielsen wrote: > It seems (at least for me) the patches on ftp.freebsd.org are out of > date for the 03:12 security advisory (openssh). ftp2.freebsd.org has > them fine. > > I'm wondering if this is a mirror issue or perhaps round-robin DNS problem? > > What compounds the issue is that right now the old openssh 3.7 patches > are there (on ftp.freebsd.org), but not the 3.7.1 patches (which can be > found on ftp2.freebsd.org). This could conceivably cause someone to miss > a patch. > > Am i doing something wrong? If not, then this is just a little heads up. > Perhaps it would be better to include ftp2.freebsd.org links in the > security advisories. > > Hate to complain. The FreeBSD security team has done a great job, > especially in the midst of this whole openssh mess. I always manually update ftp.freebsd.org (62.243.72.50) and ftp2.freebsd.org. The problem is, it seems, that recently a 2nd ftp.freebsd.org was added to DNS. (Seems like a really bad idea to me, but *shrug*.) I do not have access to this new machine, and indeed I'm not sure exactly who runs it. It is on my TODO list to find out and ask for a means to run manual updates there as well. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se