And in what revision besides an administrators local modifications suggest that those werre ever a part of the source trree ?
For reference ... https://svnweb.freebsd.org/base/stable/11/etc/hosts?view=log Quite frankly the FreeBSD source committers are much more knowledged thann your insight suggests... Facts plz ... On Thu, Jul 04, 2019 at 10:18:16AM -0400, Walter Cramer wrote: > Suspected severity: Low. Systems with inattentive administrators may not > receive the latest updates, and no obvious error messages will point out the > problem. > > Situation discovered in: A few older 11.2-RELEASE FreeBSD systems, with > /etc/hosts entries like this: > > 96.47.72.72 ftp.freebsd.org > 96.47.72.71 pkg.freebsd.org > > (Those are now obsolete. Originally, they were added to simplify firewall > rules and rule-loading, and as a DNS hijack defense.) > > Resulting problem: `freebsd-update fetch` sometimes "sees" the latest > (11.2-RELEASE-p11) version of 11.2. Other times, it "sees" the older > 11.2-RELEASE-p10. So, if a sysadmin relied on `freebsd-update` to tell him > when systems needed updating, he could be unaware of un-patched, vulnerable > systems. > > NOT verified: Whether the obsolete /etc/hosts entry for pkg.freebsd.org > actually causes any problems. (Or if `pkg` is aware of the problem, and > silently doing all the right things.) > > Suggested Fixes... > - Have `freebsd-update`, `pkg`, and similar utilities double-check for DNS > information that is obsolete or conflicting, and warn the user. > - Have any obsolete - but still-active - pkg or update servers advertise > their obsolete status, and `freebsd-update` and `pkg` notice that, and warn > the user. > _______________________________________________ > [email protected] mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "[email protected]" -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
signature.asc
Description: PGP signature
