Re: ftp.freebsd.org out of date? (WRT security advisories)

From: Jacques A. Vidrine (nectar_at_FreeBSD.org)
Date: 09/18/03

  • Next message: Bruce M Simpson: "Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh" 
    Date: Thu, 18 Sep 2003 10:01:18 -0500
To: "Bruce A. Mah" <bmah@freebsd.org>

    On Wed, Sep 17, 2003 at 08:40:08PM -0700, Bruce A. Mah wrote:
    > I'm not sure what's a good solution to this. I know that security-team
    > is aware of the problem, in fact it came up in the security-officer BoF
    > at BSDCon.

    I think the end result was that I'm basically willing to manually push
    updates to any mirrors to which I have access. I have been pushing
    them to ftp and ftp2, but (as I posted in a recent message), recent
    events have mucked this up a bit.

    > (One possibility might be to put the advisories on the Web site and
    > force an update immediately after an advisory is issued. I do this
    > during the late stages of a release cycle to push out the release
    > announcements and release notes. The problem with this, however, is
    > that everyone is conditioned to look to the FTP sites for advisories.)

    I wouldn't mind having the advisories and patches live on HTTP also.
    It is arguably more convenient for more people. I wouldn't want
    to have to go through CVS first to publish the patches or advisory
    however.

    Cheers, 

    -- 
Jacques Vidrine   . NTT/Verio SME      . FreeBSD UNIX       . Heimdal
nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: Bruce M Simpson: "Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh"