Date: Fri, 23 Dec 2011 16:52:10 +0000 From: Joe Holden <lists@rewt.org.uk> To: Damien Fleuriot <ml@my.gd> Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool Message-ID: <4EF4B1BA.8040206@rewt.org.uk> In-Reply-To: <4EF4B13E.2020109@my.gd> References: <4EF4A75C.2040609@my.gd> <4EF4B0B2.10709@rewt.org.uk> <4EF4B13E.2020109@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
The serious one (telnetd) is already being exploited in the wild, and if you're running telnetd anyway then you can always switch to ssh or acl the port, either way it is a relative non-issue to ignore the update for now... Damien Fleuriot wrote: > My point (which may or may not be valid) was that if the vulnerabilities > remained *undisclosed*, they would have a much lower chance of being > exploited. > > > > On 12/23/11 5:47 PM, Joe Holden wrote: >> So don't update until Monday? The outcome will be the same :) >> >> Damien Fleuriot wrote: >>> Hey up list, >>> >>> >>> >>> Look, just a rant here. >>> >>> >>> Who in *HELL* thought it would be a cool idea to release no less than >>> FOUR security advisories today ? >>> >>> I mean, couldn't this have waited and remained undisclosed until monday ? >>> >>> I for one do *NOT* relish the idea of updating 50+ boxes this evening >>> and tomorrow ! >>> >>> >>> Not to mention a whole lot of merchants and banks have toggled IT Freeze >>> a few weeks ago, to ensure xmas shopping doesn't get disturbed by >>> production changes. >>> >>> >>> Seriously, this is just irritating. >>> >>> >>> /flame >>> _______________________________________________ >>> freebsd-stable@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4EF4B1BA.8040206>