Date: Tue, 11 Oct 2005 18:37:00 +0200 From: jimmy@inet-solutions.be To: jere <jere@htnet.hr> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl Message-ID: <1129048620.434bea2c6b7ab@webmail.boxke.be> In-Reply-To: <434BBF09.6040101@htnet.hr> References: <200510111202.j9BC2obf081876@freefall.freebsd.org> <1129036481.434bbac1720a6@webmail.boxke.be> <434BBF09.6040101@htnet.hr>
next in thread | previous in thread | raw e-mail | index | archive | help
> jimmy@inet-solutions.be wrote: > > Quoting FreeBSD Security Advisories <security-advisories@freebsd.org>: > > > > > >>============================================================================= > >>FreeBSD-SA-05:21.openssl Security > Advisory > >> The FreeBSD > Project > > > > [..] > > > >>c) Recompile the operating system as described in > >><URL: > >>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html >. > > > > > > Is there any reason why one would need to compile the whole operating > system? > > I can understand that static linked apps need to be recompiled, but which > > are there actually any at all (and linked against openssl)? > > > > Kind regards, > > Jimmy Scott > > > > ---------------------------------------------------------------- > > This message has been sent through ihosting.be > > To report spamming or other unaccepted behavior > > by a iHosting customer, please send a message > > to abuse@ihosting.be > > ---------------------------------------------------------------- > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > > > Quoting jere <jere@htnet.hr>: > unfortunately, this is the dark side of FreeBSD security patch > management :) and I think also the main reason FreeBSD isn't so widely > deployed into enterprise environments. It's ok for hacking or managing > few boxes but try to imagine how to manage security on hundreds of them > this way. :( > > on the other side (bright side :) you can try to use unofficial and > often somewhat slowly updating solutions such as bsdupdate > (www.bsdupdates.com) or freebsd-update (from ports tree). > > currently, FreeBSD just don't have a mechanism to handle security > advisories in quick way. > > any suggestions/corrections ? > > j. > What I meant was: "why compile everything instead of just openssl" I'm thinking about this question since the last openssl issue in FreeBSD. ---------------------------------------------------------------- This message has been sent through ihosting.be To report spamming or other unaccepted behavior by a iHosting customer, please send a message to abuse@ihosting.be ----------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1129048620.434bea2c6b7ab>