Date: Fri, 23 Dec 2011 14:45:06 -0700 From: Shawn Webb <lattera@gmail.com> To: George Kontostanos <gkontos.mail@gmail.com> Cc: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: FLAME - security advisories on the 23rd ? uncool idea is uncool Message-ID: <CADt0fhyADx7OK%2BDLHW%2BavYMskAgPtFhnLj82_46y%2Bwgy9vuiMw@mail.gmail.com> In-Reply-To: <CA%2BdUSyoycONC5yM7ZLKRwLp1W8wtUf%2Bw3yx1V%2BQorpmCcjO3ww@mail.gmail.com> References: <4EF4A75C.2040609@my.gd> <4EF4B2D6.5090206@sentex.net> <4EF4B982.3070207@missouri.edu> <4EF4C08A.3080609@sentex.net> <CA%2BdUSyo4biqKCQnVaD5YSHcY_hA2vE_azqHD4%2B915bXqB9qixQ@mail.gmail.com> <4EF4CB2E.4030109@infracaninophile.co.uk> <CA%2BdUSypTX3LEb2qOk7t9F7femKbWKfwSbJOd58=5vNVJz8wQww@mail.gmail.com> <20111223204838.GA43740@in-addr.com> <CA%2BdUSyoycONC5yM7ZLKRwLp1W8wtUf%2Bw3yx1V%2BQorpmCcjO3ww@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
As others have mentioned, you don't _have_ to patch this weekend. All of the vulnerabilities have been [semi-]public knowledge for at least a week. What's the harm in waiting till next week? Just pretend like the patches came in on Tuesday. I, for one, am grateful that FreeBSD has provided patches. It allows people who do have the time/ability to patch this weekend to do just that. If you don't want to, then don't. Simple as that. Thanks, Shawn On Fri, Dec 23, 2011 at 2:40 PM, George Kontostanos <gkontos.mail@gmail.com> wrote: > On Fri, Dec 23, 2011 at 10:48 PM, Gary Palmer <gpalmer@freebsd.org> wrote= : >> On Fri, Dec 23, 2011 at 08:55:35PM +0200, George Kontostanos wrote: >>> On Fri, Dec 23, 2011 at 8:40 PM, Matthew Seaman >>> <m.seaman@infracaninophile.co.uk> wrote: >>> > On 23/12/2011 18:05, George Kontostanos wrote: >>> >> Are all cvs mirror servers updated regarding these changes ? >>> >> >>> >> ANYBODY ???? >>> > >>> > Should have by now. ?Commits usually take about an hour to propagate = to >>> > the official cvsup servers. >>> > >>> > Easy enough to tell though -- the advisories have all the version >>> > numbers in, and you'ld only need to check a file or two from each of >>> > them to be reasonably sure you'ld got all the updates. >>> > >>> > ? ? ? ?Cheers, >>> > >>> > ? ? ? ?Matthew >>> > >>> > -- >>> > Dr Matthew J Seaman MA, D.Phil. ? ? ? ? ? ? ? ? ? 7 Priory Courtyard >>> > ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?Flat 3 >>> > PGP: http://www.infracaninophile.co.uk/pgpkey ? ? Ramsgate >>> > JID: matthew@infracaninophile.co.uk ? ? ? ? ? ? ? Kent, CT11 9PW >>> > >>> >>> Thanks for the info Matthew. I think though that it is best for all to >>> first make sure that the servers all updated before sending out all >>> those security advisories. >> >> I don't believe they're monitored like that. =A0If you want the updates >> quickly, download the files referenced in the advisories. =A0My build wa= s >> done before my local cvsup server picked up the changes. >> >> Gary > > Yes, that's easy if you dealing with one server. But it is very > different when you have to apply those patches to 20 different servers > that are in different locations. Having a local cvsup server doing > this job tends to make updating easier. > > In any case, and IMHO this was not the proper time for this kind of > advisories considering the fact that many companies are in a freeze > period. > > Cheers > > -- > George Kontostanos > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADt0fhyADx7OK%2BDLHW%2BavYMskAgPtFhnLj82_46y%2Bwgy9vuiMw>