Date: Fri, 08 Mar 2002 15:38:18 +0900 From: Makoto Matsushita <matusita@jp.FreeBSD.org> To: security-officer@FreeBSD.org, www@FreeBSD.org Subject: A patch for FreeBSD Security Information webpage Message-ID: <20020308153818M.matusita@jp.FreeBSD.org>
next in thread | raw e-mail | index | archive | help
<URL:http://www.FreeBSD.org/security/>; page is great for the FreeBSD users to get security information. However, it seems that it lacks some 4.5-RELEASE related information. . 1) Put a mark that 4.5-RELEASE was out In the list of SAs, there are marks that "FreeBSD 4.x-RELEASE released." It would be better to add a new mark for 4.5-RELEASE. Here is a patch: Index: security.sgml =================================================================== RCS file: /home/ncvs/www/en/security/security.sgml,v retrieving revision 1.83 diff -u -u -r1.83 security.sgml --- security.sgml 7 Mar 2002 15:29:14 -0000 1.83 +++ security.sgml 8 Mar 2002 06:27:46 -0000 @@ -128,6 +128,9 @@ <LI><A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:11.snmp.asc">FreeBSD-SA-02:11.snmp.asc</A></LI>; <LI><A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:10.rsync.asc">FreeBSD-SA-02:10.rsync.asc</A></LI>; <LI><A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09.fstatfs.asc">FreeBSD-SA-02:09.fstatfs.asc</A></LI>; +</UL> +FreeBSD 4.5-RELEASE released. +<UL> <LI><A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc">FreeBSD-SA-02:08.exec.asc</A></LI>; <LI><A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc">FreeBSD-SA-02:07.k5su.asc</A></LI>; <LI><A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:06.sudo.asc">FreeBSD-SA-02:06.sudo.asc</A></LI>; I have no idea that 02:09 is *after* 4.5-RELEASE or not (it was announced after 4.5-RELEASE, but 4.5-RELEASE does *not* affected). 2) Note that 4.5-RELEASE is a target release for SAs. In this webpage, there is a pharase that: At this time, security advisories are being released for: FreeBSD 3.5.1-STABLE (remotely exploitable vulnerabilities only) FreeBSD 4.3-RELEASE FreeBSD 4.4-RELEASE FreeBSD 4.4-STABLE Yes, "4.5-RELEASE" is not mentioned. Would you please add 4.5-RELEASE to the list? And, 02:13 doesn't say anything about 4.3-RELEASE. RELENG_4_3 was not changed about OpenSSH. This means that 4.3-RELEASE is not *fully* supported release (read: remotely exploitable vulnerabilities only), just like 3-stable ? Thanks in advance, -- - Makoto `MAR' Matsushita To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-www" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020308153818M.matusita>