From owner-freebsd-stable@FreeBSD.ORG Sat Dec 24 17:05:54 2011 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F017F106564A for ; Sat, 24 Dec 2011 17:05:54 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 83B098FC08 for ; Sat, 24 Dec 2011 17:05:54 +0000 (UTC) Received: by wgbdr11 with SMTP id dr11so18806796wgb.31 for ; Sat, 24 Dec 2011 09:05:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Tz+5/NCF346+crgydEoANNubBH07x02wK/r4k9XWtxQ=; b=D9sC0vYHKPQ1GxBB7JPakVE/mA4kKRemi6WLmK/yVlTV3L0usxaPd3MOkDayEPi4kW AEguxTZVPWOC+H5SsNs721mMvG4NTnXK43r+CQHZ44ha4XAerWENfD1F+v6dv/l6TjlV 03GVtoQJFGzEaHBJom9HgxgjHjmUEM6XgyPp0= MIME-Version: 1.0 Received: by 10.216.135.154 with SMTP id u26mr10289025wei.20.1324744575638; Sat, 24 Dec 2011 08:36:15 -0800 (PST) Received: by 10.216.80.99 with HTTP; Sat, 24 Dec 2011 08:36:15 -0800 (PST) In-Reply-To: <4EF4A75C.2040609@my.gd> References: <4EF4A75C.2040609@my.gd> Date: Sat, 24 Dec 2011 08:36:15 -0800 Message-ID: From: Kurt Buff To: "freebsd-stable@freebsd.org" Content-Type: text/plain; charset=UTF-8 Subject: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Dec 2011 17:05:55 -0000 On Fri, Dec 23, 2011 at 08:07, Damien Fleuriot wrote: > Hey up list, > > Look, just a rant here. > > > Who in *HELL* thought it would be a cool idea to release no less than > FOUR security advisories today ? I'm guessing the Security Officer and those with whom he consults. Just a thought, since that's who sent the email. > I mean, couldn't this have waited and remained undisclosed until monday ? Does "active exploitation in the wild" mean anything to you? > I for one do *NOT* relish the idea of updating 50+ boxes this evening > and tomorrow ! Sucks to be you. You knew the job was dangerous when you took it, and if you didn't, well, then, bummer, it's what comes with the territory. I just spent my day yesterday downing my entire server environment in the US to upgrade the electrical, and it was a paid holiday for the company. As a sysadmin, you should know that these things happen, and learn to deal with them. > Not to mention a whole lot of merchants and banks have toggled IT Freeze > a few weeks ago, to ensure xmas shopping doesn't get disturbed by > production changes. Yeah. It's hell being a professional. > Seriously, this is just irritating. Cry me a river. You should be thanking the team for getting the releases to you as fast as possible, so you can take effective measures ASAP. Kurt