From owner-freebsd-stable@FreeBSD.ORG Fri Dec 23 17:30:12 2011 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ADD1C106567A for ; Fri, 23 Dec 2011 17:30:12 +0000 (UTC) (envelope-from lattera@gmail.com) Received: from mail-tul01m020-f182.google.com (mail-tul01m020-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id F0E4E8FC15 for ; Fri, 23 Dec 2011 17:30:09 +0000 (UTC) Received: by obbwd18 with SMTP id wd18so7968641obb.13 for ; Fri, 23 Dec 2011 09:30:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=HO8ZIDJ6mTCp9qQnu+VXp/u19cyTgmpfBqpea+pEcqA=; b=ZSlZHMZ/XVgacfn1ImoQfQ2sAAh4HeMYUkzcTpeeGvLfNOxE9E9Z90QrYc39evDMv8 hiKxSI3uhG5a6ZRFtwY8eIgTS72Negzcy8ZRaAH6kE3N5E7wIX4i7Tm9Ef7n5ADh0cRX BSRTTREOvaGYUJ9eV1jscSsd+9HhILSL3e/oA= MIME-Version: 1.0 Received: by 10.182.76.134 with SMTP id k6mr5218713obw.10.1324661409359; Fri, 23 Dec 2011 09:30:09 -0800 (PST) Received: by 10.182.56.134 with HTTP; Fri, 23 Dec 2011 09:30:09 -0800 (PST) In-Reply-To: <4EF4B9A4.8060405@my.gd> References: <4EF4A75C.2040609@my.gd> <4EF4B0B2.10709@rewt.org.uk> <4EF4B13E.2020109@my.gd> <4EF4B9A4.8060405@my.gd> Date: Fri, 23 Dec 2011 10:30:09 -0700 Message-ID: From: Shawn Webb To: Damien Fleuriot Content-Type: text/plain; charset=ISO-8859-1 Cc: Joe Holden , "freebsd-stable@freebsd.org" Subject: Re: Goo lists to subscribe to hear quickly about vulns ? ( was: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Dec 2011 17:30:12 -0000 I usually hear about them from other people. I also subscribe to the full-disclosure mailinglist. On Fri, Dec 23, 2011 at 10:25 AM, Damien Fleuriot wrote: > On topic, where do you guys subscribe to know of these vulns ahead of > their release on the ML ? > > I'm subscribed to the BIND ML but I don't recall seeing an advisory > there ahead of today. > > > On 12/23/11 6:03 PM, Shawn Webb wrote: >> Some people (like me) already knew about the vulnerabilities. And >> others are already exploiting some of these vulnerabilities. >> >> Thanks, >> >> Shawn Webb >> >> On Fri, Dec 23, 2011 at 9:50 AM, Damien Fleuriot wrote: >>> My point (which may or may not be valid) was that if the vulnerabilities >>> remained *undisclosed*, they would have a much lower chance of being >>> exploited. >>> >>> >>> >>> On 12/23/11 5:47 PM, Joe Holden wrote: >>>> So don't update until Monday? The outcome will be the same :) >>>> >>>> Damien Fleuriot wrote: >>>>> Hey up list, >>>>> >>>>> >>>>> >>>>> Look, just a rant here. >>>>> >>>>> >>>>> Who in *HELL* thought it would be a cool idea to release no less than >>>>> FOUR security advisories today ? >>>>> >>>>> I mean, couldn't this have waited and remained undisclosed until monday ? >>>>> >>>>> I for one do *NOT* relish the idea of updating 50+ boxes this evening >>>>> and tomorrow ! >>>>> >>>>> >>>>> Not to mention a whole lot of merchants and banks have toggled IT Freeze >>>>> a few weeks ago, to ensure xmas shopping doesn't get disturbed by >>>>> production changes. >>>>> >>>>> >>>>> Seriously, this is just irritating. >>>>> >>>>> >>>>> /flame >>>>> _______________________________________________ >>>>> freebsd-stable@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>>>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >>>> >>> _______________________________________________ >>> freebsd-stable@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"