Date: Sun, 5 Aug 2007 14:58:54 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Josh Paetzel <josh@tcbug.org> Cc: freebsd-security@freebsd.org, John Freeman <quake2k@mail.ru> Subject: Re: Fw: FreeBSD Security Advisory FreeBSD-SA-07:07.bind Message-ID: <20070805125853.GA1023@zaphod.nitro.dk> In-Reply-To: <20070805124144.GH83613@tcbug.org> References: <001a01c7d4ee$d73f3fe0$26c39605@A3000> <20070802105338.GA1088@zaphod.nitro.dk> <20070805124144.GH83613@tcbug.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2007.08.05 07:41:44 -0500, Josh Paetzel wrote: > Simon L. Nielsen wrote: > > > RELENG_6 was already fixed 2007-07-25 08:23:08 UTC by dougb, so the > > patch wasn't tested against RELENG_6 at all but only against the > > release / security branches. Most of the time the released patches > > will work against the stable branches, but not always. > > This is sort of an unusual situation isn't it, where RELENG_6 is fixed > prior to the SA being released? Not really unusual although many advisories have all branches fixed at the same time. The same happened for FreeBSD-SA-07:02.bind and FreeBSD-SA-07:03.ipv6, though it was only two days between RELENG_X and advisory in those cases. In this case the time between RELENG_X fix and advisory was a bit longer since dougb was very fast in getting HEAD/RELENG_[56] fixed and we couldn't get it all ready the week the BIND vulnerability was announced. > If so it might have been useful for > the SA to say something about affecting STABLE before xxxx-xx-xx where > xxxx-xx-xx is the date that the fix was committed. It actually already does since it's part of the normal advisory header information: [Quoting FreeBSD-SA-07:07.bind] Corrected: 2007-07-25 08:23:08 UTC (RELENG_6, 6.2-STABLE) 2007-08-01 20:44:58 UTC (RELENG_6_2, 6.2-RELEASE-p7) 2007-08-01 20:45:49 UTC (RELENG_6_1, 6.1-RELEASE-p19) 2007-07-25 08:24:40 UTC (RELENG_5, 5.5-STABLE) 2007-08-01 20:48:19 UTC (RELENG_5_5, 5.5-RELEASE-p15) -- Simon L. Nielsen FreeBSD Security Team
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070805125853.GA1023>