Date:      Thu, 5 May 2016 12:14:30 -0700 (PDT)
From:      Roger Marquis <marquis@roble.com>
To:        Steven Hartland <killing@multiplay.co.uk>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Batching errata & advisories in heaps degrades security.
In-Reply-To: <3930e03c-f81b-1366-6c76-20549768cfe4@multiplay.co.uk>
References:  <201605051625.u45GPODc084944@fire.js.berklix.net> <3930e03c-f81b-1366-6c76-20549768cfe4@multiplay.co.uk>

> Totally the opposite, it means one rollout instead of X rollouts making it 
> simpler not harder.

I don't know, isn't that the logic behind Microsoft's failed
patch-Tuesdays?

It's important not to confound security with usability.  Any delay to a
security advisory is an invitation to hackers.  I don't think that's
what end-users expect from FreeBSD much as the long arm of the NSA might
want to make it so (primarily vis-a-vis CERT and NIST).

Those sites that don't care about security are well served by batching
but given the packaging of base it seems like there's no longer any
significant benefit.

Roger


