From owner-freebsd-stable@FreeBSD.ORG  Fri Dec 23 22:02:22 2011
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2E34E106566B
	for <freebsd-stable@freebsd.org>; Fri, 23 Dec 2011 22:02:22 +0000 (UTC)
	(envelope-from peterjeremy@acm.org)
Received: from mail15.syd.optusnet.com.au (mail15.syd.optusnet.com.au
	[211.29.132.196])
	by mx1.freebsd.org (Postfix) with ESMTP id AF9178FC1B
	for <freebsd-stable@freebsd.org>; Fri, 23 Dec 2011 22:02:21 +0000 (UTC)
Received: from server.vk2pj.dyndns.org
	(c220-239-116-103.belrs4.nsw.optusnet.com.au [220.239.116.103])
	by mail15.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id
	pBNM2JFQ007200
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Sat, 24 Dec 2011 09:02:20 +1100
X-Bogosity: Ham, spamicity=0.000000
Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1])
	by server.vk2pj.dyndns.org (8.14.5/8.14.4) with ESMTP id pBNM2IRd073290;
	Sat, 24 Dec 2011 09:02:18 +1100 (EST)
	(envelope-from peter@server.vk2pj.dyndns.org)
Received: (from peter@localhost)
	by server.vk2pj.dyndns.org (8.14.5/8.14.4/Submit) id pBNM2IiZ073289;
	Sat, 24 Dec 2011 09:02:18 +1100 (EST) (envelope-from peter)
Date: Sat, 24 Dec 2011 09:02:17 +1100
From: Peter Jeremy <peterjeremy@acm.org>
To: George Kontostanos <gkontos.mail@gmail.com>
Message-ID: <20111223220217.GB15456@server.vk2pj.dyndns.org>
References: <4EF4A75C.2040609@my.gd> <4EF4B2D6.5090206@sentex.net>
	<4EF4B982.3070207@missouri.edu> <4EF4C08A.3080609@sentex.net>
	<CA+dUSyo4biqKCQnVaD5YSHcY_hA2vE_azqHD4+915bXqB9qixQ@mail.gmail.com>
	<4EF4CB2E.4030109@infracaninophile.co.uk>
	<CA+dUSypTX3LEb2qOk7t9F7femKbWKfwSbJOd58=5vNVJz8wQww@mail.gmail.com>
	<20111223204838.GA43740@in-addr.com>
	<CA+dUSyoycONC5yM7ZLKRwLp1W8wtUf+w3yx1V+QorpmCcjO3ww@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="QTprm0S8XgL7H0Dt"
Content-Disposition: inline
In-Reply-To: <CA+dUSyoycONC5yM7ZLKRwLp1W8wtUf+w3yx1V+QorpmCcjO3ww@mail.gmail.com>
X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Dec 2011 22:02:22 -0000


--QTprm0S8XgL7H0Dt
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2011-Dec-23 23:40:10 +0200, George Kontostanos <gkontos.mail@gmail.com> =
wrote:
>In any case, and IMHO this was not the proper time for this kind of
>advisories considering the fact that many companies are in a freeze
>period.

My honeypot logs suggest that the black hats aren't taking a holiday.
As Colin posted, the SO had to decide between two unpalatable options
and, IMHO, he made the correct decision.  The details and fixes are
now available - it's up to you to weigh up the risks of patching vs
the risks of not patching.

--=20
Peter Jeremy

--QTprm0S8XgL7H0Dt
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk70+mkACgkQ/opHv/APuIfCXQCglgyeM/dpkLMO14cYHcxCEhaP
JkMAn1ujyZSF0tZt/9NoCUW958NqgrR1
=yZNR
-----END PGP SIGNATURE-----

--QTprm0S8XgL7H0Dt--