Date: Wed, 25 Apr 2001 12:24:47 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: "Karsten W. Rohrbach" <karsten@rohrbach.de> Cc: Kris Kennaway <kris@obsecurity.org>, "Andrew R. Reiter" <arr@watson.org>, Rich Morin <rdm@cfcl.com>, <freebsd-hackers@FreeBSD.ORG> Subject: Re: automated checking of Security Advisories Message-ID: <Pine.BSF.4.31.0104251221180.7028-100000@achilles.silby.com> In-Reply-To: <20010425164827.I17348@mail.webmonster.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 25 Apr 2001, Karsten W. Rohrbach wrote: > oldver: bind-8.2.2 > newver: bind-8.2.3 If we're going to flag insecure versions, I think a better way would be to list "minimum version", which would indicate the lowest numbered version you can safely run. This could also be incorporated into the Makefile for each port so that pkg_version could issue alerts even before security advisories are issued (or after, if you missed some advisories.) Of course, there's the issue of bind 8.x.x versus 9.x.x. I'm not sure how to resolve what minimum version would refer to. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0104251221180.7028-100000>