On Thu, 13 Nov 2008, Simon Connah wrote:
On 12 Nov 2008, at 17:57, Peer Janssen wrote:
Hi!
I subscribed to security-announce a long time ago and thought I would
receive information about security annoucements, but contrary to what is
stated on http://openbsd.org/mail.html:
"security-announce - Security announcements. This low volume list receives
OpenBSD security advisories and pointers to security patches as they become
available.",
as is easily verifyable here:
http://www.sigmasoft.com/~openbsd/archives/html/openbsd-security-announce/
together with:
http://openbsd.org/errata44.html,
the patches are not announced.
If the stated annoucement process via mailing list is unreliable or
untimely, I'd think it's useless, and with it that mailing list.
Regards
Peer
Four of those 4.4 patches are listed as reliability patches and not security
patches. So I can why they were not posted to the security list. There is
only one security patch there and that is patch 001.
I'm sure one of the developers will correct me if I am wrong but that is my
assumption.
Simon.
For what its worth (probably not much), there is also the errata
rss feed from undeadly, which clearly marks SECURITY vs RELIABILITY
patches. I'm sure everyone knows about this by now, but it does make a
nice addition to an rss reader of choice.
http://www.undeadly.org/cgi?action=errata
