From owner-freebsd-security@FreeBSD.ORG Wed Apr 9 18:04:24 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BDE0BFB1 for ; Wed, 9 Apr 2014 18:04:24 +0000 (UTC) Received: from mail-oa0-x230.google.com (mail-oa0-x230.google.com [IPv6:2607:f8b0:4003:c02::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 847B41A08 for ; Wed, 9 Apr 2014 18:04:24 +0000 (UTC) Received: by mail-oa0-f48.google.com with SMTP id m1so3164322oag.35 for ; Wed, 09 Apr 2014 11:04:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=VLHufwgr7/c+46PKCraWXzkxWhnrTBZsW0olLP0U5wc=; b=HZm/1R4PYhRJHVX4V4IT3hvy/lRMzqqYGs6kEEnXKrTCexFMDLIrztSZzNF1TTD8/A UTyrBA/2N2cEjoOhcW6d7CHgGrUgj51TvCjngn8/9gFN0kLYz5zBBo46vK/ZBaChfOYu 815buaQKOgKLigruLr4CiWBFbQ5FCR+W7diEjcZo9hlMOaWAzJSiprQnWvC+yfx/204w TjaVdpSQrQDghQ1DSYBY/WePGbx5DJ26CLFdSyoezrPNh8jeGpZBbAR02nQIxLP4PsOM QyRtKI/wrnc/TYtOyKY3X9ytUG7+0Qupy6M52T+pa6HOhD0UvO9YXch+cDtxzeagRuw6 0AfQ== MIME-Version: 1.0 X-Received: by 10.60.16.103 with SMTP id f7mr9892432oed.8.1397066663837; Wed, 09 Apr 2014 11:04:23 -0700 (PDT) Received: by 10.182.123.17 with HTTP; Wed, 9 Apr 2014 11:04:23 -0700 (PDT) In-Reply-To: References: <9eeba1ab-2ab0-4188-82aa-686c5573a5db@me.com> <8D81F198-36A7-47F4-B486-DA059910A6B4@spam.lifeforms.nl> Date: Wed, 9 Apr 2014 11:04:23 -0700 Message-ID: Subject: Re: Proposal From: jungleboogie0 To: Pawel Biernacki Content-Type: text/plain; charset=UTF-8 Cc: freebsd-security@freebsd.org, Kimmo Paasiala , Walter Hop , =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 18:04:24 -0000 Hi Pawel, On 9 April 2014 10:50, Pawel Biernacki wrote: > On 9 April 2014 17:28, jungleboogie0 wrote: >> >> Please let us not forget that kernel.org was hacked and not detected >> for 17 days: http://www.theregister.co.uk/2011/08/31/linux_kernel_security_breach/ > > I don't know why you're bringing it up here, because FreeBSD had > similar problem some time ago > (http://www.freebsd.org/news/2012-compromise.html) and I think that we > had learnt a lot from it. > Interesting, I didn't know these were identical in nature. Thanks! >> I would rather was 24 hours for a fix that's been verified and >> reviewed over having to re-update the system. It looks like many linux >> distros had this updated before >> freeBSD but its a matter of hours we're talking about. >> > > -- > One of God's own prototypes. A high-powered mutant of some kind never > even considered for mass production. Too weird to live, and too rare to die. -- ------- inum: 883510009902611 sip: jungleboogie@sip2sip.info xmpp: jungle-boogie@jit.si