Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 15 Mar 2022 04:18:29 +0000
From:      Graham Perrin <grahamperrin@gmail.com>
To:        questions@freebsd.org
Subject:   FreeBSD: security
Message-ID:  <4b42203b-967e-2c0e-0cba-aeae6ed5d76c@gmail.com>
In-Reply-To: <My92WAE--3-2@tutanota.com>
References:  <My92WAE--3-2@tutanota.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Please see <https://www.freebsd.org/security/>.

In context, from <https://www.freebsd.org/about/>:

"FreeBSD … focuses on features, speed, and stability. …"


On 14/03/2022 20:10, iio7@tutanota.com wrote:
> I have just finished reading through tons of security bug reports in 
> the FreeBSD
> bug report archive,

If you mean reports that are visible to the public, please link to one 
that concerns you.

Security bug reports 
<https://bugs.freebsd.org/bugzilla/describecomponents.cgi?product=Security>; 
are not visible to the public.


> also normal bugs,

Not to be confused with security issues.


> and I am "scared" about the lack of attention these issues get.
>
> It's like no one "cares", or the few that does is simply overburden.
>
> This proposal from 2018, with the problems it lists, still seems very 
> valid:
>
> https://web.archive.org/web/20210401214138/https://lists.freebsd.org/pipermail/freebsd-arch/2018-March/018892.html

Without the Wayback Machine:

<https://lists.freebsd.org/pipermail/freebsd-arch/2018-March/018892.html>;

Overview:

<https://markmail.org/message/mwcawe7jewed2mop>;


> Are any of you - who runs FreeBSD in production (please home labs,
> desktop/laptop use, don't reply) - not worried about the current state 
> of affairs?

I'll not respond to that point.

> Am I missing something?


Readers may note the security aspects of things such as these:

<https://lists.freebsd.org/archives/freebsd-security/2022-February/000015.html>;

<https://cgit.freebsd.org/src/log/?h=stable%2F13&qt=grep&q=openssh>;

<https://www.freebsd.org/status/report-2021-10-2021-12/>;

<https://cgit.freebsd.org/src/log/?qt=grep&q=-Wfortify-source>;
<https://freebsd.markmail.org/thread/focplj4af4ttjzoe>;
<https://www.netbsd.org/gallery/presentations/khorben/asiabsdcon2017/Hardening%20pkgsrc.html>;

Hope that helps,

Graham

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4b42203b-967e-2c0e-0cba-aeae6ed5d76c>