From owner-freebsd-stable@FreeBSD.ORG  Fri Dec 23 21:57:13 2011
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id ED553106564A;
	Fri, 23 Dec 2011 21:57:13 +0000 (UTC)
	(envelope-from gkontos.mail@gmail.com)
Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com
	[209.85.210.182])
	by mx1.freebsd.org (Postfix) with ESMTP id A6FDC8FC0A;
	Fri, 23 Dec 2011 21:57:13 +0000 (UTC)
Received: by iadj38 with SMTP id j38so17974972iad.13
	for <multiple recipients>; Fri, 23 Dec 2011 13:57:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	bh=XhtHzezHnm9BECx3CGdFoUzocldIyc1pubhxq1veFW0=;
	b=YDGsOLyf557dqU/Ba6uuYVEHpdN0yfzv6b9jS/tNJH7U7xYtA9gXmxxoirqqWOFU0V
	6U5guIBym4XxS/uI25dL/WsGYsIG3WZOBob6spq4Dr69gBKMgS+ovsMHb0LYc9V2FQxq
	cVFo9pedmvCFBbHjL42Sas0+V6g6F575n9Zu8=
MIME-Version: 1.0
Received: by 10.50.155.166 with SMTP id vx6mr15843892igb.16.1324677432878;
	Fri, 23 Dec 2011 13:57:12 -0800 (PST)
Received: by 10.231.15.7 with HTTP; Fri, 23 Dec 2011 13:57:12 -0800 (PST)
In-Reply-To: <CADt0fhyADx7OK+DLHW+avYMskAgPtFhnLj82_46y+wgy9vuiMw@mail.gmail.com>
References: <4EF4A75C.2040609@my.gd> <4EF4B2D6.5090206@sentex.net>
	<4EF4B982.3070207@missouri.edu> <4EF4C08A.3080609@sentex.net>
	<CA+dUSyo4biqKCQnVaD5YSHcY_hA2vE_azqHD4+915bXqB9qixQ@mail.gmail.com>
	<4EF4CB2E.4030109@infracaninophile.co.uk>
	<CA+dUSypTX3LEb2qOk7t9F7femKbWKfwSbJOd58=5vNVJz8wQww@mail.gmail.com>
	<20111223204838.GA43740@in-addr.com>
	<CA+dUSyoycONC5yM7ZLKRwLp1W8wtUf+w3yx1V+QorpmCcjO3ww@mail.gmail.com>
	<CADt0fhyADx7OK+DLHW+avYMskAgPtFhnLj82_46y+wgy9vuiMw@mail.gmail.com>
Date: Fri, 23 Dec 2011 23:57:12 +0200
Message-ID: <CA+dUSyrB1vxeXP1ZPQ1M9sW46W+mLyB+eOPrMZN9Cu5_qUQmdw@mail.gmail.com>
From: George Kontostanos <gkontos.mail@gmail.com>
To: Shawn Webb <lattera@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Dec 2011 21:57:14 -0000

On Fri, Dec 23, 2011 at 11:45 PM, Shawn Webb <lattera@gmail.com> wrote:
> As others have mentioned, you don't _have_ to patch this weekend. All
> of the vulnerabilities have been [semi-]public knowledge for at least
> a week. What's the harm in waiting till next week? Just pretend like
> the patches came in on Tuesday.
>
> I, for one, am grateful that FreeBSD has provided patches. It allows
> people who do have the time/ability to patch this weekend to do just
> that. If you don't want to, then don't. Simple as that.
>
> Thanks,
>
> Shawn
>
I wish it was that simple. It is very different to be aware of a
possible vulnerability from getting an official security advisory.
Unfortunately sometimes, the decision to patch or not to patch, comes
from people who decide based upon bureaucracy.
I am certainly thankful to the FreeBSD security team for identifying
and providing patches.
However, when you start receiving emails about security advisories
every 5 minutes, you tend to wonder when will they stop :)

Regards and happy holidays


George