Date: Fri, 21 Jun 2002 07:51:13 -0700 (PDT) From: Frank Mayhar <frank@exit.com> To: Kris Kennaway <kris@obsecurity.org> Cc: Frank Mayhar <frank@exit.com>, Patrick Thomas <root@utility.clubscholarship.com>, freebsd-hackers@FreeBSD.ORG Subject: Re: inuring FreeBSD to the apache bug without upgrading apache ? Message-ID: <200206211451.g5LEpDYL016466@realtime.exit.com> In-Reply-To: <20020621004953.A80059@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: > On Thu, Jun 20, 2002 at 07:33:54PM -0700, Frank Mayhar wrote: > > Kris Kennaway wrote: > > > Surely it's easier to just upgrade the apache port, instead of > > > recompiling your kernel and the entire OS. > > Not always. (I'm running an old version of Covalent Raven SSL and I'm > > loathe to upgrade. "If it works, don't fix it" and there are only so > > many hours in a day.) > The exact same argument can be made for not upgrading the OS, which is > a much larger endeavour and can potentially screw things up much > worse. Yep. Which is why the only times I've upgraded the kernel on my production boxes have been when there is a critical fix that I _had_ to install, usually a security fix. -- Frank Mayhar frank@exit.com http://www.exit.com/ Exit Consulting http://www.gpsclock.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206211451.g5LEpDYL016466>