From owner-freebsd-security@freebsd.org  Wed Jan 29 09:42:18 2020
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7AF5E1D1612
 for <freebsd-security@mailman.nyi.freebsd.org>;
 Wed, 29 Jan 2020 09:42:18 +0000 (UTC)
 (envelope-from SRS0=9U43=3S=quip.cz=000.fbsd@elsa.codelab.cz)
Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 486z6K3pwDz4N4h;
 Wed, 29 Jan 2020 09:42:17 +0000 (UTC)
 (envelope-from SRS0=9U43=3S=quip.cz=000.fbsd@elsa.codelab.cz)
Received: from elsa.codelab.cz (localhost [127.0.0.1])
 by elsa.codelab.cz (Postfix) with ESMTP id 4EDF02842F;
 Wed, 29 Jan 2020 10:42:14 +0100 (CET)
Received: from illbsd.quip.test (ip-62-24-92-232.net.upcbroadband.cz
 [62.24.92.232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by elsa.codelab.cz (Postfix) with ESMTPSA id 0F7082842E;
 Wed, 29 Jan 2020 10:42:13 +0100 (CET)
Subject: Re: @freebsdsecurity Twitter handle?
To: koobs@FreeBSD.org, Royce Williams <royce@techsolvency.com>,
 freebsd-security@freebsd.org
References: <CA+E3k92tsHnfG10XWh=UCmz=AMitrcQQ26dJk4zg9gnSd34YHQ@mail.gmail.com>
 <17390aa6-cf0a-6719-f573-9aca6df8a133@FreeBSD.org>
From: Miroslav Lachman <000.fbsd@quip.cz>
Message-ID: <10370c52-5446-ae64-6d08-572abf76957d@quip.cz>
Date: Wed, 29 Jan 2020 10:42:13 +0100
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101
 Firefox/52.0 SeaMonkey/2.49.3
MIME-Version: 1.0
In-Reply-To: <17390aa6-cf0a-6719-f573-9aca6df8a133@FreeBSD.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 486z6K3pwDz4N4h
X-Spamd-Bar: +++++
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=none (mx1.freebsd.org: domain of
 SRS0=9U43=3S=quip.cz=000.fbsd@elsa.codelab.cz has no SPF policy when checking
 94.124.105.4) smtp.mailfrom=SRS0=9U43=3S=quip.cz=000.fbsd@elsa.codelab.cz
X-Spamd-Result: default: False [5.06 / 15.00]; ARC_NA(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[];
 FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3];
 TO_DN_SOME(0.00)[];
 IP_SCORE(0.86)[ip: (0.35), ipnet: 94.124.104.0/21(0.17), asn: 42000(3.70),
 country: CZ(0.09)]; MIME_GOOD(-0.10)[text/plain];
 RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[quip.cz];
 AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(1.00)[0.999,0];
 RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 NEURAL_SPAM_LONG(1.00)[1.000,0];
 RCVD_IN_DNSWL_NONE(0.00)[4.105.124.94.list.dnswl.org : 127.0.10.0];
 R_SPF_NA(0.00)[];
 FORGED_SENDER(0.30)[000.fbsd@quip.cz,SRS0=9U43=3S=quip.cz=000.fbsd@elsa.codelab.cz];
 MIME_TRACE(0.00)[0:+]; R_DKIM_NA(0.00)[];
 ASN(0.00)[asn:42000, ipnet:94.124.104.0/21, country:CZ];
 SUBJECT_ENDS_QUESTION(1.00)[];
 FROM_NEQ_ENVFROM(0.00)[000.fbsd@quip.cz,
 SRS0=9U43=3S=quip.cz=000.fbsd@elsa.codelab.cz]
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jan 2020 09:42:18 -0000

Kubilay Kocak wrote on 2020/01/29 03:53:
> On 29/01/2020 7:51 am, Royce Williams wrote:
>> Is the @freebsdsecurity Twitter handle managed by the security team? (If
>> so, looks like it's been fallow since 2016?)
>>
>> If not, is there an equivalent Twitter account that is official?
>>
> 
> Hi Royce,
> 
> I run @FreeBSDHelp, tweet about FreeBSD security related issues and SA's 
> / EN's when announced, and am not aware of an official security-oriented 
> presence on Twitter.
> 
> I've reached out to @FreeBSDSecurity on twitter to see if I can access 
> to the account to facilitate that.
> 
> Note: Other official accounts are @freebsd_portmgr and @freebsdcore
> 
> I registered @FreeBSDSecteam for potential official tweets by secteam & 
> ports-secteams, but haven't put it to use yet. I'll see if I can't get 
> something started

It is always good to have more channels for Security Advisories.
Can somebody convince FreeBSD Security Office to publish Advisories in 
vuln.xml at the same as on the website? It is FreeBSD's own tool to 
handle vulnerabilities but they are not there.

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243702

Kind regards
Miroslav Lachman