> On May 16, 2019, at 5:41 AM, Miroslav Lachman <000.f...@quip.cz> wrote:
>
> Alan Somers wrote on 2019/05/16 05:16:
>> On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.f...@quip.cz> wrote:
>
>>> It would also be good if base system vulnerabilities are first published
>>> in FreeBSD vuxml.
Alan Somers wrote on 2019/05/16 05:16:
On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.f...@quip.cz> wrote:
It would also be good if base system vulnerabilities are first published
in FreeBSD vuxml. Then it can be reported to sysadmins by package
security/base-audit.
+1. Reporting
On Wed, May 15, 2019 at 11:15 PM Bill Sorenson
wrote:
> > I’m not sure what you meant about Linux distros not categorizing fixes,
> though — with some notable exceptions, most of the big ones certainly tag
> security fixes >separately, which is what allows `unattended-upgrades` on
>
> I’m not sure what you meant about Linux distros not categorizing fixes,
> though — with some notable exceptions, most of the big ones certainly tag
> security fixes >separately, which is what allows `unattended-upgrades` on
> Debian/Ubuntu based systems (and `yum-cron` on RHEL) to work so
On Wed, May 15, 2019 at 9:14 PM Miroslav Lachman <000.f...@quip.cz> wrote:
>
> Mel Pilgrim wrote on 2019/05/16 02:30:
>
> [...]
>
> > By batching updates, FreeBSD is making administrative decisions for
> > other people's systems. Some folks don't need to worry about scheduling
> > downtime and
Mel Pilgrim wrote on 2019/05/16 02:30:
[...]
By batching updates, FreeBSD is making administrative decisions for
other people's systems. Some folks don't need to worry about scheduling
downtime and will benefit from faster update availability. Folks who
need to worry about scheduling
On Wed, May 15, 2019 at 10:28 PM Bill Sorenson
wrote:
> > Admins attentive to security issues will already be tracking CVEs for
> > the software they use and mitigating or solving the vulnerability by all
> > means available.
> >
> > By batching updates, FreeBSD is making administrative
> Admins attentive to security issues will already be tracking CVEs for
> the software they use and mitigating or solving the vulnerability by all
> means available.
>
> By batching updates, FreeBSD is making administrative decisions for
> other people's systems. Some folks don't need to worry
On 2019-05-15 7:25, Julian H. Stacey wrote:
Hi core@,
cc hackers@ & stable@
PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
Volunteers who contribute actual fixes are very much appreciated;
But those
Is disagree, having them hatched causes us less work not more, as others
have said one update not many, which result in one outage of systems that
need patching not many.
Regards
Steve
On Wed, 15 May 2019 at 16:48, Julian H. Stacey wrote:
> Hi, Reference:
> > From: Alan Somers
>
On Wed, May 15, 2019 at 07:15:04PM +0200, Julian H. Stacey wrote:
> You make some good points, but all depend on variant circustances.
I think there's validity to both points of view, and as you say
I think a lot of it depends on circumstance. For example on my
personal systems, where I can
Hi. Your friendly neighborhood Security Officer here. I published the 5
advisories and 3 errata yesterday.
On Wed, May 15, 2019 at 07:15:04PM +0200, Julian H. Stacey wrote:
> Thanks Will,
> You make some good points, but all depend on variant circustances.
>
> I prefer to be informed ASAP, to
Thanks Will,
You make some good points, but all depend on variant circustances.
I prefer to be informed ASAP, to make my own decisons with max info ASAP,
Not delayed. I want freebsd.org to Not Delay fix announcements into batches.
If other admins want to delay being told told to do upgrades
> On May 15, 2019, at 12:28 PM, Andrea Venturoli wrote:
>
> On 5/15/19 6:16 PM, Matt Garber wrote:
>
>> Exactly. If batching 8 (or more) individual bugs/issues together into
>> one release is really causing admin/manpower overload and angst,then
>> maybe it’s time in your situation to use the
Kurt Jaeger wrote:
> Hi!
>
> > > > Alternative is to for announcers to do Less work:
> > > > Send each announcement when ready.
>
> > > The problem is not the announcement, the problem is providing
> > > the freebsd-update.
>
> > > If announcements are send when ready, and the freebsd-update
On 5/15/19 6:16 PM, Matt Garber wrote:
Exactly. If batching 8 (or more) individual bugs/issues together into
one release is really causing admin/manpower overload and angst,then
maybe it’s time in your situation to use the binary updates (which
would only be a single `freebsd-update` and
> On May 15, 2019, at 12:12 PM, Will Andrews wrote:
>
> On Wed, May 15, 2019 at 10:45 AM Julian H. Stacey wrote:
>
>> Batching also means some of these vulnerabilities could have been
>> fixed earlier & less of a surge of demand on recipient admins time.
>>
>> An admin can find time to
On Wed, May 15, 2019 at 10:45 AM Julian H. Stacey wrote:
> Batching also means some of these vulnerabilities could have been
> fixed earlier & less of a surge of demand on recipient admins time.
>
> An admin can find time to ameliorate 1 bug, not 8 suddenly together.
> Avoidance is called
On Wed, May 15, 2019 at 05:58:38PM +0200, Kurt Jaeger wrote:
> Hi!
>
> > > > Alternative is to for announcers to do Less work:
> > > > Send each announcement when ready.
>
> > > The problem is not the announcement, the problem is providing
> > > the freebsd-update.
>
> > > If announcements are
Hi!
> > > Alternative is to for announcers to do Less work:
> > > Send each announcement when ready.
> > The problem is not the announcement, the problem is providing
> > the freebsd-update.
> > If announcements are send when ready, and the freebsd-update is
> > not ready, therefore, the
Hi, Reference:
> From: Kurt Jaeger
> Date: Wed, 15 May 2019 17:38:36 +0200
Kurt Jaeger wrote:
> Hi!
>
> > > > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
> > > >
> > > > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
> > > >
>
Hi, Reference:
> From: Alan Somers
> Date: Wed, 15 May 2019 08:32:26 -0600
Alan Somers wrote:
> On Wed, May 15, 2019 at 8:26 AM Julian H. Stacey wrote:
> >
> > Hi core@,
> > cc hackers@ & stable@
> >
> > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
> >
>
Hi!
> > > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
> > >
> > > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
> > >
> > > Volunteers who contribute actual fixes are very much appreciated;
> > > But those styled as 'management' who delay
Kurt Jaeger wrote:
> Hi!
>
> > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
> >
> > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
> >
> > Volunteers who contribute actual fixes are very much appreciated;
> > But those styled as 'management' who
Hi!
> PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
>
> https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
>
> Volunteers who contribute actual fixes are very much appreciated;
> But those styled as 'management' who delay announcements to batch floods
On Wed, May 15, 2019 at 8:26 AM Julian H. Stacey wrote:
>
> Hi core@,
> cc hackers@ & stable@
>
> PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins."
>
> https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html
>
> Volunteers who contribute actual fixes are very
26 matches
Mail list logo