On Fri, Jan 27, 2006 at 10:07:33AM +0100, Otto Moerbeek wrote: > On Thu, 26 Jan 2006, Rob W wrote: > > > http://www.securityfocus.com/bid/16375 is minor but important enough to > > report? > > > > A way to remotly crash a OpenBSD box is minor? > > If the number of systems affected is low, the answer may be yes. This > problem only exists if you enable specific scrubbing options in pf. > > As a rule of thumb, you can look at the fraction of machines affected > multiplied but the severity of the problem. This gives some > indication if something is going to hit errata. > > We are not hiding things, just follow src-changes to get everything.
Or Full-Disclosure or one of the like, for a more generic security list. See http://lists.grok.org.uk. It doesn't have much OpenBSD content, of course... ;-) Joachim
