Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 11 Oct 2005 21:58:29 +0800
From:      "Mars G. Miro" <marsgmiro@gmail.com>
To:        jere@htnet.hr, freebsd-security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl
Message-ID:  <28edec3c0510110658s5d663d4et1a824174e20bf851@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 

> unfortunately, this is the dark side of FreeBSD security patch
> management :)  and I think also the main reason FreeBSD isn't so widely
> deployed into enterprise environments. It's ok for hacking or managing
> few boxes but try to imagine how to manage security on hundreds of them
> this way. :(

> on the other side (bright side :) you can try to use unofficial and
> often somewhat slowly updating solutions such as bsdupdate
> (www.bsdupdates.com) or freebsd-update (from ports tree).

> currently, FreeBSD just don't have a mechanism to handle security
> advisories in quick way.

> any suggestions/corrections ?

> j.


You can always designate a build box and NFS share /usr/obj and
/usr/src and have the other FreeBSD boxens mount this and then do an
install{world/kernel}

jimmy at inet-solutions.be wrote:
> Quoting FreeBSD Security Advisories <security-advisories at freebsd.org>:
>
>
>>=============================================================================
>>FreeBSD-SA-05:21.openssl                                    Security Advisory
>>                                                          The FreeBSD Project
>
> [..]
>
>>c) Recompile the operating system as described in
>><URL:
>>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html >.
>
>
> Is there any reason why one would need to compile the whole operating system?
> I can understand that static linked apps need to be recompiled, but which
> are there actually any at all (and linked against openssl)?
>
> Kind regards,
> Jimmy Scott
>
> ----------------------------------------------------------------
> This message has been sent through ihosting.be
> To report spamming or other unaccepted behavior
> by a iHosting customer, please send a message
> to abuse at ihosting.be
> ----------------------------------------------------------------
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>


cheers
mars

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?28edec3c0510110658s5d663d4et1a824174e20bf851>