From owner-freebsd-stable@FreeBSD.ORG Fri Dec 23 17:25:59 2011 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 89C141065676 for ; Fri, 23 Dec 2011 17:25:59 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 1B86B8FC08 for ; Fri, 23 Dec 2011 17:25:58 +0000 (UTC) Received: by wgbdr11 with SMTP id dr11so17885194wgb.31 for ; Fri, 23 Dec 2011 09:25:58 -0800 (PST) Received: by 10.216.131.141 with SMTP id m13mr14050782wei.30.1324661158090; Fri, 23 Dec 2011 09:25:58 -0800 (PST) Received: from dfleuriot-at-hi-media.com ([83.167.62.196]) by mx.google.com with ESMTPS id b5sm14405582wbh.4.2011.12.23.09.25.56 (version=SSLv3 cipher=OTHER); Fri, 23 Dec 2011 09:25:57 -0800 (PST) Message-ID: <4EF4B9A4.8060405@my.gd> Date: Fri, 23 Dec 2011 18:25:56 +0100 From: Damien Fleuriot User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:8.0) Gecko/20111105 Thunderbird/8.0 MIME-Version: 1.0 To: Shawn Webb References: <4EF4A75C.2040609@my.gd> <4EF4B0B2.10709@rewt.org.uk> <4EF4B13E.2020109@my.gd> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Joe Holden , "freebsd-stable@freebsd.org" Subject: Goo lists to subscribe to hear quickly about vulns ? ( was: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Dec 2011 17:25:59 -0000 On topic, where do you guys subscribe to know of these vulns ahead of their release on the ML ? I'm subscribed to the BIND ML but I don't recall seeing an advisory there ahead of today. On 12/23/11 6:03 PM, Shawn Webb wrote: > Some people (like me) already knew about the vulnerabilities. And > others are already exploiting some of these vulnerabilities. > > Thanks, > > Shawn Webb > > On Fri, Dec 23, 2011 at 9:50 AM, Damien Fleuriot wrote: >> My point (which may or may not be valid) was that if the vulnerabilities >> remained *undisclosed*, they would have a much lower chance of being >> exploited. >> >> >> >> On 12/23/11 5:47 PM, Joe Holden wrote: >>> So don't update until Monday? The outcome will be the same :) >>> >>> Damien Fleuriot wrote: >>>> Hey up list, >>>> >>>> >>>> >>>> Look, just a rant here. >>>> >>>> >>>> Who in *HELL* thought it would be a cool idea to release no less than >>>> FOUR security advisories today ? >>>> >>>> I mean, couldn't this have waited and remained undisclosed until monday ? >>>> >>>> I for one do *NOT* relish the idea of updating 50+ boxes this evening >>>> and tomorrow ! >>>> >>>> >>>> Not to mention a whole lot of merchants and banks have toggled IT Freeze >>>> a few weeks ago, to ensure xmas shopping doesn't get disturbed by >>>> production changes. >>>> >>>> >>>> Seriously, this is just irritating. >>>> >>>> >>>> /flame >>>> _______________________________________________ >>>> freebsd-stable@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >>> >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"