From owner-freebsd-security@freebsd.org Sat Aug 29 16:29:23 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C22C19C5E5B for ; Sat, 29 Aug 2015 16:29:23 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from slim.berklix.org (slim.berklix.org [94.185.90.68]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5370D3B6 for ; Sat, 29 Aug 2015 16:29:22 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from mart.js.berklix.net (p5083CCB5.dip0.t-ipconnect.de [80.131.204.181]) (authenticated bits=128) by slim.berklix.org (8.14.5/8.14.5) with ESMTP id t7TGWfSX018446 for ; Sat, 29 Aug 2015 18:32:41 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id t7TGTFS3007574 for ; Sat, 29 Aug 2015 18:29:15 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id t7TGT3nn084958 for ; Sat, 29 Aug 2015 18:29:15 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201508291629.t7TGT3nn084958@fire.js.berklix.net> To: freebsd-security@freebsd.org Subject: Is there a policy to delay & batch errata security alerts ? From: "Julian H. Stacey" Organization: http://berklix.com BSD Linux Unix Consultants, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com/~jhs/cv/ Date: Sat, 29 Aug 2015 18:29:02 +0200 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Aug 2015 16:29:23 -0000 Re. 8 Errata & Advisories since Fri, 14 Aug 2015 00:06:45 +0000 10.2-RELEASE announcement. eg Sender: owner-freebsd-announce@freebsd.org To: FreeBSD Errata Notices Each release, a wave of alerts flood after. The bigger the wave, the more users will have insufficient time, & skip the lot. Moving some of the flood away from after release weeks would increase their security. New bug alerts on new releases are OK immediately, but some alerts seem perhaps existing issues delayed to check & also include latest release, they add to the flood & could be alerted some earlier, some later ? Presumably there's no delays eg for PR, giving longer quiet periods before a release, slipping out bad news immediately after good. What else might be causing batch flooding of alerts ? Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Reply after previous text, like a play - Not before, which looses context. Indent previous text with "> " Insert new lines before 80 chars. Send plain text, Not quoted-printable, Not HTML, Not ms.doc, Not base64. Subsidise contraception V. Global warming, pollution, famine, migration.