From owner-freebsd-security Fri Apr 19 8: 8:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from mail.webmonster.de (datasink.webmonster.de [194.162.162.209]) by hub.freebsd.org (Postfix) with SMTP id D83B437B41B for ; Fri, 19 Apr 2002 08:08:48 -0700 (PDT) Received: (qmail 79258 invoked by uid 1000); 19 Apr 2002 15:09:09 -0000 Date: Fri, 19 Apr 2002 17:09:09 +0200 From: "Karsten W. Rohrbach" To: Doug Barton Cc: Brett Glass , security@FreeBSD.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <20020419170909.F78386@mail.webmonster.de> Mail-Followup-To: "Karsten W. Rohrbach" , Doug Barton , Brett Glass , security@FreeBSD.org References: <4.3.2.7.2.20020418143231.021d6840@nospam.lariat.org> <20020418180158.D8772-100000@zoot.corp.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="s5/bjXLgkIwAv6Hi" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020418180158.D8772-100000@zoot.corp.yahoo.com>; from DougB@FreeBSD.org on Thu, Apr 18, 2002 at 06:07:54PM -0700 X-Arbitrary-Number-Of-The-Day: 42 X-URL: http://www.webmonster.de/ X-Disclaimer: My opinions do not necessarily represent those of my employer X-Work-URL: http://www.ngenn.net/ X-Work-Address: nGENn GmbH, Schloss Kransberg, D-61250 Usingen-Kransberg, Germany X-Work-Phone: +49-6081-682-304 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --s5/bjXLgkIwAv6Hi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Doug Barton(DougB@FreeBSD.org)@2002.04.18 18:07:54 +0000: > The typical FreeBSD answer is, "Since YOU think it's a problem, > why don't YOU work to solve it?" However, since to my knowledge your > record of never actually contributing a line of code to the project > remains unblemished, I know you don't like that answer very much. doug, the "lines of code" argument does not apply to people supplying ideas, or experience from operations. take me for example, i am not much of a c coder, so i see it as a contribution to the world _not_ to put my sources out, them being pretty crappy and likely to screw up things badly. OTOH, i answer questions on the mailing lists and contribute my ideas to the community, all originating from my work expeieence with freebsd and other systems, you get the point. > I also think that the new RELENG_N_N idea is a good one, and it > may do your heart good to know that I took your point about not being able > to easily ascertain how many patches have been applied to a particular > point in that branch up with the release engineers just now. I agree that > it's valid, and should be easy to fix with newvers.sh, if it's not already > fixed (I haven't been following developments on that stuff too closely). how about including the tag of the last applied patches' corresponding security advisory for the RELENG_4_? what i did in my internal releases was including a date tag relating to a local changelog (including cvsup dates, local changes, and so on). this additionally gives a compile-time independent timestamp for the release. or, how about the "official" patch naming? "4.5-STABLE-p3" and the like? just a few ideas... regards, /k --=20 > "Afghanistan proved that expensive precision weapons save innocent lives,= =20 > and we need more of them." -- George W. Bush, 2002 State of the Union Add= ress KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n= et/ GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 B= F46 My mail is GnuPG signed -- Unsigned ones are bogus -- http://www.gnupg.org/ Please do not remove my address from To: and Cc: fields in mailing lists. 1= 0x --s5/bjXLgkIwAv6Hi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8wDMVM0BPTilkv0YRAnyTAJ0WuqyRgLYGRDunA60pFRA3AzKmxQCgogWE fsuJtinVXV/ylH74PXzRetc= =g5qg -----END PGP SIGNATURE----- --s5/bjXLgkIwAv6Hi-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message