Re: Fw: FreeBSD Security Advisory FreeBSD-SA-07:07.bind



On 2007.08.05 07:41:44 -0500, Josh Paetzel wrote:
> Simon L. Nielsen wrote:
>
> > RELENG_6 was already fixed 2007-07-25 08:23:08 UTC by dougb, so the
> > patch wasn't tested against RELENG_6 at all but only against the
> > release / security branches. Most of the time the released patches
> > will work against the stable branches, but not always.
>
> This is sort of an unusual situation isn't it, where RELENG_6 is fixed
> prior to the SA being released?

Not really unusual although many advisories have all branches fixed at
the same time. The same happened for FreeBSD-SA-07:02.bind and
FreeBSD-SA-07:03.ipv6, though it was only two days between RELENG_X
and advisory in those cases.

In this case the time between RELENG_X fix and advisory was a bit
longer since dougb was very fast in getting HEAD/RELENG_[56] fixed and
we couldn't get it all ready the week the BIND vulnerability was
announced.

> If so it might have been useful for
> the SA to say something about affecting STABLE before xxxx-xx-xx where
> xxxx-xx-xx is the date that the fix was committed.

It actually already does since it's part of the normal advisory header
information:

[Quoting FreeBSD-SA-07:07.bind]
Corrected:      2007-07-25 08:23:08 UTC (RELENG_6, 6.2-STABLE)
                2007-08-01 20:44:58 UTC (RELENG_6_2, 6.2-RELEASE-p7)
                2007-08-01 20:45:49 UTC (RELENG_6_1, 6.1-RELEASE-p19)
                2007-07-25 08:24:40 UTC (RELENG_5, 5.5-STABLE)
                2007-08-01 20:48:19 UTC (RELENG_5_5, 5.5-RELEASE-p15)

--
Simon L. Nielsen
FreeBSD Security Team
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
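
The "Corrected:" field quoted in the message above can be read mechanically to decide whether a source tree on a given branch already carries the fix. The following is an added example, not part of the original thread or of any FreeBSD tooling; `parse_corrected`, `tree_status` and the sync times are hypothetical, and it assumes the administrator knows when the tree was last updated from its branch.

```python
import re
from datetime import datetime, timedelta, timezone

# "Corrected:" field as quoted from FreeBSD-SA-07:07.bind in the message above.
CORRECTED = """\
Corrected:      2007-07-25 08:23:08 UTC (RELENG_6, 6.2-STABLE)
                2007-08-01 20:44:58 UTC (RELENG_6_2, 6.2-RELEASE-p7)
                2007-08-01 20:45:49 UTC (RELENG_6_1, 6.1-RELEASE-p19)
                2007-07-25 08:24:40 UTC (RELENG_5, 5.5-STABLE)
                2007-08-01 20:48:19 UTC (RELENG_5_5, 5.5-RELEASE-p15)
"""

# One entry: "<date> <time> UTC (<branch tag>, <version string>)"
ENTRY = re.compile(
    r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) UTC \((\w+), ([^)]+)\)"
)

def parse_corrected(text):
    """Return {branch tag: (fix commit time in UTC, version string)}."""
    fixes = {}
    for stamp, branch, version in ENTRY.findall(text):
        fixed_at = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        fixes[branch] = (fixed_at.replace(tzinfo=timezone.utc), version)
    return fixes

def tree_status(fixes, branch, synced_at):
    """Classify a source tree by its branch and the time it was last synced.

    synced_at must carry a UTC offset: the advisory times are UTC, and a
    local wall-clock time compared naively can land on the wrong side.
    """
    if synced_at.tzinfo is None:
        raise ValueError("synced_at needs a UTC offset; the advisory uses UTC")
    if branch not in fixes:
        return "not listed"
    fixed_at, _version = fixes[branch]
    return "has fix" if synced_at >= fixed_at else "predates fix"

if __name__ == "__main__":
    fixes = parse_corrected(CORRECTED)
    local = timezone(timedelta(hours=-5))  # constructed: a UTC-5 host
    samples = [  # constructed sync times, not taken from the thread
        ("RELENG_6", datetime(2007, 7, 25, 3, 0, tzinfo=local)),
        ("RELENG_6", datetime(2007, 7, 25, 4, 0, tzinfo=local)),
        ("RELENG_6_2", datetime(2007, 7, 26, 0, 0, tzinfo=timezone.utc)),
    ]
    for branch, synced in samples:
        print(branch, synced.isoformat(), tree_status(fixes, branch, synced))
```

A tree that was synced after the listed time still has to be rebuilt and installed before the running system carries the fix.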


