From owner-freebsd-questions@FreeBSD.ORG Sat Dec 24 18:01:15 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A1CCC106566B for ; Sat, 24 Dec 2011 18:01:15 +0000 (UTC) (envelope-from kudzu@tenebras.com) Received: from mail-tul01m020-f182.google.com (mail-tul01m020-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 703838FC0A for ; Sat, 24 Dec 2011 18:01:15 +0000 (UTC) Received: by obbwd18 with SMTP id wd18so8818325obb.13 for ; Sat, 24 Dec 2011 10:01:14 -0800 (PST) MIME-Version: 1.0 Received: by 10.182.149.33 with SMTP id tx1mr16695698obb.62.1324749674694; Sat, 24 Dec 2011 10:01:14 -0800 (PST) Received: by 10.182.154.70 with HTTP; Sat, 24 Dec 2011 10:01:14 -0800 (PST) In-Reply-To: <20111223225416.d7e93cc4@mail.ose.nl> References: <20111223225416.d7e93cc4@mail.ose.nl> Date: Sat, 24 Dec 2011 10:01:14 -0800 Message-ID: From: Michael Sierchio To: Bas Smeelen Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-questions@freebsd.org Subject: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Dec 2011 18:01:15 -0000 Careful reading, as opposed to blindly applying updates, is often rewarded. If you aren't running telnetd, it follows that you are not vulnerable to the most serious exploit addressed by the patch (remote root). I have had no trouble since applying the patch to 7.4 and 8.2 systems. YMMV= . Given the nature of the exploit, and the fact that it has been seen in the wild, there was not choice but to make the announcement and make the patch available. - M On Fri, Dec 23, 2011 at 2:54 PM, Bas Smeelen wrote: >>If a security advisory is announced, you have to patch, period! > > =A0>Happy holidays to all. Black hats too :) > > =A0>-- > =A0>George > > =A0It is up to the sysadmin. > =A0If your services are not affected, there is no need to patch. > =A0Although it's best to always keep your systems up to the latest. > =A0I think the security advisories are a good thing especially this time = of the year > =A0But like they say here it's a storm in a glass of water > =A0YMMV > =A0Cheers and happy holidays (holy-days :)) > > Disclaimer: http://www.ose.nl/email > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg"