Date: Tue, 10 Jul 2001 09:57:10 -0600 From: Wes Peters <wes@softweyr.com> To: Ryan Masse <rmasse@mastery.ca> Cc: jamie rishaw <jamie@playboy.com>, FreeBSD-Security <freebsd-security@freebsd.org> Subject: Re: security advisories Message-ID: <3B4B25D6.984E7EDB@softweyr.com> References: <00ff01c10950$86f94000$3200000a@Intranet> <20010710103255.D5972@playboy.com> <017001c10957$1c66fa00$3200000a@Intranet>
next in thread | previous in thread | raw e-mail | index | archive | help
Ryan Masse wrote: > > complain? for those individuals with the port in question installed and who > wait for an advisory to take action in updating their source would have had > a possible security breach from the time realized to the time an advisory is > issued. Wouldn't you want an advisory as soon the bug was found? Even though > the samba bug is not of major concern what if it were more serious? Would > you want to leave your mission critical servers open to attack? The advisories are issued as soon as the puported problem has been researched, verified, and either a workaround or a fix implemented. Sometimes the workaround is as simple as "don't use this until we have a fix available," which may or may not be useful to you. As I pointed out in my previous message, you have one sure-fire way to help decrease the latency in the analysis and writing of SAs: join the team and work hard. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B4B25D6.984E7EDB>