Date: Fri, 4 Nov 2016 17:01:59 +0800 From: Gregory Orange <gregory.orange@calorieking.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-16:33.openssh Message-ID: <79b7122f-3b1a-377f-42bf-bd2851c5e6ae@calorieking.com> In-Reply-To: <24ff198d-9bd2-9842-50d8-8a1d5e2ecf8a@FreeBSD.org> References: <20161102075533.8BBA114B5@freefall.freebsd.org> <201611021357.uA2DvHMW003088@higson.cam.lispworks.com> <CA%2B7WWSc%2B_Jjf%2BStVb2n367%2B7YSCw-RnGMTbT4nbaE88d_n57%2Bg@mail.gmail.com> <b8dcb2aa-4149-89ad-e519-8ce68922d0a8@FreeBSD.org> <24ff198d-9bd2-9842-50d8-8a1d5e2ecf8a@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04/11/16 16:39, Kubilay Kocak wrote: > Security advisories should state explicitly when otherwise supported > versions are not vulnerable. It's surprising this isn't already the case. I disagree. If none of the version I have installed are listed, I don't read the rest of the advisory. Time saved. Listing them in a 'not affected' part of the message would add complexity and parsing for me - less time saved. Greg.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?79b7122f-3b1a-377f-42bf-bd2851c5e6ae>