ftp.freebsd.org out of date? (WRT security advisories)
Colin Percival
colin.percival at wadham.ox.ac.uk
Wed Sep 17 20:49:05 PDT 2003
At 20:40 17/09/2003 -0700, Bruce A. Mah wrote:
>I'm not sure what's a good solution to this. I know that security-team
>is aware of the problem, in fact it came up in the security-officer BoF
>at BSDCon.
It was mentioned, but I don't recall anything being decided.
>(One possibility might be to put the advisories on the Web site and
>force an update immediately after an advisory is issued. I do this
>during the late stages of a release cycle to push out the release
>announcements and release notes. The problem with this, however, is
>that everyone is conditioned to look to the FTP sites for advisories.)
One option would be to put the patch signatures on the website (where
they could be force-updated). Nobody would ever consider applying a patch
without verified the attached signature, right?
Colin Percival
More information about the freebsd-security
mailing list