> On May 16, 2019, at 5:41 AM, Miroslav Lachman <000.f...@quip.cz> wrote:
>
> Alan Somers wrote on 2019/05/16 05:16:
>> On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.f...@quip.cz> wrote:
>
>>> It would also be good if base system vulnerabilities are first published
>>> in FreeBSD vuxml.
Alan Somers wrote on 2019/05/16 05:16:
On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.f...@quip.cz> wrote:
It would also be good if base system vulnerabilities are first published
in FreeBSD vuxml. Then it can be reported to sysadmins by package
security/base-audit.
+1. Reporting bas
On Wed, May 15, 2019 at 11:15 PM Bill Sorenson
wrote:
> > I’m not sure what you meant about Linux distros not categorizing fixes,
> though — with some notable exceptions, most of the big ones certainly tag
> security fixes >separately, which is what allows `unattended-upgrades` on
> Debian/Ubuntu
> I’m not sure what you meant about Linux distros not categorizing fixes,
> though — with some notable exceptions, most of the big ones certainly tag
> security fixes >separately, which is what allows `unattended-upgrades` on
> Debian/Ubuntu based systems (and `yum-cron` on RHEL) to work so nice
On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.f...@quip.cz> wrote:
>
> Mel Pilgrim wrote on 2019/05/16 02:30:
>
> [...]
>
> > By batching updates, FreeBSD is making administrative decisions for
> > other people's systems. Some folks don't need to worry about scheduling
> > downtime and wil
Mel Pilgrim wrote on 2019/05/16 02:30:
[...]
By batching updates, FreeBSD is making administrative decisions for
other people's systems. Some folks don't need to worry about scheduling
downtime and will benefit from faster update availability. Folks who
need to worry about scheduling downti
On Wed, May 15, 2019 at 10:28 PM Bill Sorenson
wrote:
> > Admins attentive to security issues will already be tracking CVEs for
> > the software they use and mitigating or solving the vulnerability by all
> > means available.
> >
> > By batching updates, FreeBSD is making administrative decisions
> Admins attentive to security issues will already be tracking CVEs for
> the software they use and mitigating or solving the vulnerability by all
> means available.
>
> By batching updates, FreeBSD is making administrative decisions for
> other people's systems. Some folks don't need to worry abo
On 2019-05-15 7:25, Julian H. Stacey wrote:
Hi core@,
cc hackers@ & stable@
PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
Volunteers who contribute actual fixes are very much apprecia
an Somers
> > Date: Wed, 15 May 2019 08:32:26 -0600
>
> Alan Somers wrote:
> > On Wed, May 15, 2019 at 8:26 AM Julian H. Stacey
> wrote:
> > >
> > > Hi core@,
> > > cc hackers@ & stable@
> > >
> > > PR headli
On Wed, May 15, 2019 at 07:15:04PM +0200, Julian H. Stacey wrote:
> You make some good points, but all depend on variant circustances.
I think there's validity to both points of view, and as you say
I think a lot of it depends on circumstance. For example on my
personal systems, where I can patch
Hi. Your friendly neighborhood Security Officer here. I published the 5
advisories and 3 errata yesterday.
On Wed, May 15, 2019 at 07:15:04PM +0200, Julian H. Stacey wrote:
> Thanks Will,
> You make some good points, but all depend on variant circustances.
>
> I prefer to be informed ASAP, to mak
Thanks Will,
You make some good points, but all depend on variant circustances.
I prefer to be informed ASAP, to make my own decisons with max info ASAP,
Not delayed. I want freebsd.org to Not Delay fix announcements into batches.
If other admins want to delay being told told to do upgrades unti
> On May 15, 2019, at 12:28 PM, Andrea Venturoli wrote:
>
> On 5/15/19 6:16 PM, Matt Garber wrote:
>
>> Exactly. If batching 8 (or more) individual bugs/issues together into
>> one release is really causing admin/manpower overload and angst,then
>> maybe it’s time in your situation to use the b
Kurt Jaeger wrote:
> Hi!
>
> > > > Alternative is to for announcers to do Less work:
> > > > Send each announcement when ready.
>
> > > The problem is not the announcement, the problem is providing
> > > the freebsd-update.
>
> > > If announcements are send when ready, and the freebsd-update is
On 5/15/19 6:16 PM, Matt Garber wrote:
Exactly. If batching 8 (or more) individual bugs/issues together into
one release is really causing admin/manpower overload and angst,then
maybe it’s time in your situation to use the binary updates (which
would only be a single `freebsd-update` and reboot,
> On May 15, 2019, at 12:12 PM, Will Andrews wrote:
>
> On Wed, May 15, 2019 at 10:45 AM Julian H. Stacey wrote:
>
>> Batching also means some of these vulnerabilities could have been
>> fixed earlier & less of a surge of demand on recipient admins time.
>>
>> An admin can find time to amelio
On Wed, May 15, 2019 at 10:45 AM Julian H. Stacey wrote:
> Batching also means some of these vulnerabilities could have been
> fixed earlier & less of a surge of demand on recipient admins time.
>
> An admin can find time to ameliorate 1 bug, not 8 suddenly together.
> Avoidance is called plannin
On Wed, May 15, 2019 at 05:58:38PM +0200, Kurt Jaeger wrote:
> Hi!
>
> > > > Alternative is to for announcers to do Less work:
> > > > Send each announcement when ready.
>
> > > The problem is not the announcement, the problem is providing
> > > the freebsd-update.
>
> > > If announcements are
Hi!
> > > Alternative is to for announcers to do Less work:
> > > Send each announcement when ready.
> > The problem is not the announcement, the problem is providing
> > the freebsd-update.
> > If announcements are send when ready, and the freebsd-update is
> > not ready, therefore, the timefr
Hi, Reference:
> From: Kurt Jaeger
> Date: Wed, 15 May 2019 17:38:36 +0200
Kurt Jaeger wrote:
> Hi!
>
> > > > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
> > > >
> > > > https://lists
Hi, Reference:
> From: Alan Somers
> Date: Wed, 15 May 2019 08:32:26 -0600
Alan Somers wrote:
> On Wed, May 15, 2019 at 8:26 AM Julian H. Stacey wrote:
> >
> > Hi core@,
> > cc hackers@ & stable@
> >
> > PR headline : "Fre
Hi!
> > > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
> > >
> > > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
> > >
> > > Volunteers who contribute actual fixes are very much apprec
Kurt Jaeger wrote:
> Hi!
>
> > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
> >
> > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
> >
> > Volunteers who contribute actual fixes are very much appreci
Hi!
> PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
>
> https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
>
> Volunteers who contribute actual fixes are very much appreciated;
> But those styled as 'management' w
On Wed, May 15, 2019 at 8:26 AM Julian H. Stacey wrote:
>
> Hi core@,
> cc hackers@ & stable@
>
> PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
>
> https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
>
> Volunt
Hi core@,
cc hackers@ & stable@
PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
Volunteers who contribute actual fixes are very much appreciated;
But those styled as 'management'
27 matches
Mail list logo
