FreeBSD Security Advisory FreeBSD-SA-05:21.openssl
Mars G. Miro
marsgmiro at gmail.com
Tue Oct 11 06:58:32 PDT 2005
> unfortunately, this is the dark side of FreeBSD security patch
> management :) and I think also the main reason FreeBSD isn't so widely
> deployed into enterprise environments. It's ok for hacking or managing
> few boxes but try to imagine how to manage security on hundreds of them
> this way. :(
> on the other side (bright side :) you can try to use unofficial and
> often somewhat slowly updating solutions such as bsdupdate
> (www.bsdupdates.com) or freebsd-update (from ports tree).
> currently, FreeBSD just don't have a mechanism to handle security
> advisories in quick way.
> any suggestions/corrections ?
> j.
You can always designate a build box and NFS share /usr/obj and
/usr/src and have the other FreeBSD boxens mount this and then do an
install{world/kernel}
jimmy at inet-solutions.be wrote:
> Quoting FreeBSD Security Advisories <security-advisories at freebsd.org>:
>
>
>>=============================================================================
>>FreeBSD-SA-05:21.openssl Security Advisory
>> The FreeBSD Project
>
> [..]
>
>>c) Recompile the operating system as described in
>><URL:
>>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html >.
>
>
> Is there any reason why one would need to compile the whole operating system?
> I can understand that static linked apps need to be recompiled, but which
> are there actually any at all (and linked against openssl)?
>
> Kind regards,
> Jimmy Scott
>
> ----------------------------------------------------------------
> This message has been sent through ihosting.be
> To report spamming or other unaccepted behavior
> by a iHosting customer, please send a message
> to abuse at ihosting.be
> ----------------------------------------------------------------
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>
cheers
mars
More information about the freebsd-security
mailing list