Date: Tue, 08 Apr 2014 13:59:51 -0400 From: Mike Tancsa <mike@sentex.net> To: freebsd-security@freebsd.org Subject: Re: FreeBSD's heartbleed response Message-ID: <53443917.7040609@sentex.net> In-Reply-To: <20140408174210.GA5433@behemoth> References: <20140408174210.GA5433@behemoth>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/8/2014 1:42 PM, Chris Nehren wrote: > later, FreeBSD remains unpatched. There are many worried > sysadmins and other users in #freebsd and elsewhere wondering > what's going on and when their systems will be patched. So far > all we have is an unofficial gist on github and some discussion > here (which most users don't see) with no further information. > More transparency is needed. * The port was very quickly updated. * Xin posted a working patch to the list for those who really wanted to apply it. * I think it reasonable that code touching such a CRITICAL aspect of the OS be *well* reviewed before getting committed. IIRC there was a quick fix to an openssl bug in the past that then had to be fixed again. * What is stopping people who care about security from joining, or following this mailing list ? ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53443917.7040609>