Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 20 Mar 2000 23:15:28 -0800
From:      Peter Wemm <peter@netplex.com.au>
To:        Dave McKay <dave@mu.org>
Cc:        freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG
Subject:   Re: ports security advisories.. 
Message-ID:  <20000321071528.B5AB41CC9@overcee.netplex.com.au>
In-Reply-To: Message from Dave McKay <dave@mu.org>  of "Mon, 20 Mar 2000 15:46:14 CST." <20000320154614.A63670@elvis.mu.org> 

next in thread | previous in thread | raw e-mail | index | archive | help
Dave McKay wrote:

> Is it really necessary to post the ports security advisories?
> The exploitable programs are not part of the FreeBSD OS, they
> are third party software.  I think the proper place for these
> is the Bugtraq mailing list on securityfocus.com.  Also to add
> to the arguments, most of the advisories are not FreeBSD
> specific.

Sadly yes, it seems it is.  If we get in first, we get to remind people
that it's not a standard part of FreeBSD etc.  Otherwise people post on
bugtraq "security hole in FreeBSD, no public response after a week" style
things which do not look good at all.  Doing it this way is a bit
irritiating but is the least evil of the alternatives.

Cheers,
-Peter



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000321071528.B5AB41CC9>