From owner-freebsd-stable@FreeBSD.ORG  Fri Dec 23 22:34:53 2011
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3C5E3106566B
	for <freebsd-stable@freebsd.org>; Fri, 23 Dec 2011 22:34:53 +0000 (UTC)
	(envelope-from gkontos.mail@gmail.com)
Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com
	[209.85.210.182])
	by mx1.freebsd.org (Postfix) with ESMTP id 00BD98FC12
	for <freebsd-stable@freebsd.org>; Fri, 23 Dec 2011 22:34:52 +0000 (UTC)
Received: by iadj38 with SMTP id j38so18035436iad.13
	for <freebsd-stable@freebsd.org>; Fri, 23 Dec 2011 14:34:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	bh=+/teKwd9XXt902acIEyBApMAJcVTh+3jeRudpPPM8Q0=;
	b=u0F7NvJv093CiGcvMyiPVPMw2BOqt039W0nP4KPyDAN/svKL3YmfFo9wxtswpmhghY
	cUrJYGx3YKSDDxSctIstXg9RauXHl+yR2dDGH3autFshJTBzjBWbq+CkcgeLyGB6ETF3
	pglVZ9KSrZJBk21rp2fzr7Xu3LSW0qFrB1+1c=
MIME-Version: 1.0
Received: by 10.50.180.138 with SMTP id do10mr15724221igc.20.1324679692505;
	Fri, 23 Dec 2011 14:34:52 -0800 (PST)
Received: by 10.231.15.7 with HTTP; Fri, 23 Dec 2011 14:34:52 -0800 (PST)
In-Reply-To: <20111223220217.GB15456@server.vk2pj.dyndns.org>
References: <4EF4A75C.2040609@my.gd> <4EF4B2D6.5090206@sentex.net>
	<4EF4B982.3070207@missouri.edu> <4EF4C08A.3080609@sentex.net>
	<CA+dUSyo4biqKCQnVaD5YSHcY_hA2vE_azqHD4+915bXqB9qixQ@mail.gmail.com>
	<4EF4CB2E.4030109@infracaninophile.co.uk>
	<CA+dUSypTX3LEb2qOk7t9F7femKbWKfwSbJOd58=5vNVJz8wQww@mail.gmail.com>
	<20111223204838.GA43740@in-addr.com>
	<CA+dUSyoycONC5yM7ZLKRwLp1W8wtUf+w3yx1V+QorpmCcjO3ww@mail.gmail.com>
	<20111223220217.GB15456@server.vk2pj.dyndns.org>
Date: Sat, 24 Dec 2011 00:34:52 +0200
Message-ID: <CA+dUSyqv6224FS0sBRv8z-_i5umF7rZP2ZsUrepyYX=cX3_ouQ@mail.gmail.com>
From: George Kontostanos <gkontos.mail@gmail.com>
To: Peter Jeremy <peterjeremy@acm.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Dec 2011 22:34:53 -0000

On Sat, Dec 24, 2011 at 12:02 AM, Peter Jeremy <peterjeremy@acm.org> wrote:
> On 2011-Dec-23 23:40:10 +0200, George Kontostanos <gkontos.mail@gmail.com=
> wrote:
>>In any case, and IMHO this was not the proper time for this kind of
>>advisories considering the fact that many companies are in a freeze
>>period.
>
> My honeypot logs suggest that the black hats aren't taking a holiday.
> As Colin posted, the SO had to decide between two unpalatable options
> and, IMHO, he made the correct decision. =A0The details and fixes are
> now available - it's up to you to weigh up the risks of patching vs
> the risks of not patching.
>
> --
> Peter Jeremy

If a security advisory is announced, you have to patch, period!

Happy holidays to all. Black hats too :)

--=20
George