Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl

From: Mars G. Miro (marsgmiro_at_gmail.com)
Date: 10/11/05

Next message: Vladimir Terziev: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"

Previous message: jere: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
Maybe in reply to: FreeBSD Security Advisories: "FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
Next in thread: Roger Marquis: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 11 Oct 2005 21:58:29 +0800
To: jere@htnet.hr, freebsd-security@freebsd.org

> unfortunately, this is the dark side of FreeBSD security patch
> management :) and I think also the main reason FreeBSD isn't so widely
> deployed into enterprise environments. It's ok for hacking or managing
> few boxes but try to imagine how to manage security on hundreds of them
> this way. :(

> on the other side (bright side :) you can try to use unofficial and
> often somewhat slowly updating solutions such as bsdupdate
> (www.bsdupdates.com) or freebsd-update (from ports tree).

> currently, FreeBSD just don't have a mechanism to handle security
> advisories in quick way.

> any suggestions/corrections ?

> j.

You can always designate a build box and NFS share /usr/obj and
/usr/src and have the other FreeBSD boxens mount this and then do an
install{world/kernel}

jimmy at inet-solutions.be wrote:
> Quoting FreeBSD Security Advisories <security-advisories at freebsd.org>:
>
>
>>=============================================================================
>>FreeBSD-SA-05:21.openssl Security Advisory
>> The FreeBSD Project
>
> [..]
>
>>c) Recompile the operating system as described in
>><URL:
>>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html >.
>
>
> Is there any reason why one would need to compile the whole operating system?
> I can understand that static linked apps need to be recompiled, but which
> are there actually any at all (and linked against openssl)?
>
> Kind regards,
> Jimmy Scott
>
> ----------------------------------------------------------------
> This message has been sent through ihosting.be
> To report spamming or other unaccepted behavior
> by a iHosting customer, please send a message
> to abuse at ihosting.be
> ----------------------------------------------------------------
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>

cheers
mars
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

Next message: Vladimir Terziev: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"

Previous message: jere: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
Maybe in reply to: FreeBSD Security Advisories: "FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
Next in thread: Roger Marquis: "Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]