From owner-freebsd-hackers Mon Mar 20 15:24:35 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 54F0537BD60; Mon, 20 Mar 2000 15:24:25 -0800 (PST) (envelope-from bright@fw.wintelcom.net) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e2KNlSC07286; Mon, 20 Mar 2000 15:47:28 -0800 (PST) Date: Mon, 20 Mar 2000 15:47:28 -0800 From: Alfred Perlstein To: Dave McKay Cc: freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: ports security advisories.. Message-ID: <20000320154728.G14789@fw.wintelcom.net> References: <20000320154614.A63670@elvis.mu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <20000320154614.A63670@elvis.mu.org>; from dave@mu.org on Mon, Mar 20, 2000 at 03:46:14PM -0600 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Dave McKay [000320 14:18] wrote: > Is it really necessary to post the ports security advisories? > The exploitable programs are not part of the FreeBSD OS, they > are third party software. I think the proper place for these > is the Bugtraq mailing list on securityfocus.com. Also to add > to the arguments, most of the advisories are not FreeBSD > specific. I don't agree, I monitor FreeBSD boxes almost exclusively and find that the recent additional advisories take less time to go through and since they are freebsd specific they help the average FreeBSD-joe upgrade with FreeBSD specific instructions. Also, considering the recent bugtraq postings about problems with FreeBSD ports when it was a 3rd party application... I think that it's a wise PR move. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message