-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/23/11 11:53, Karl Denninger wrote: > I happen to APPLAUD the FreeBSD Security team for doing this. > > I WANT security fixes out as soon as reasonably possible. You're NOT > telling the bad guys anything they don't already know, but you ARE > making it possible for the good guys to raise shields. > > A "remote root" problem is about as bad as it gets.
+1 Even if the timing is less than optimal, having the necessary information "out there" offers the opportunity for each organization to make an *informed choice* as to which vulnerabilities might be present in their deployments, which are of highest priority and what resourcing decision are appropriate in their specific context. The FreeBSD Security folk are not saying "you must do this today"; they *can't* make that call on our behalf - it is entirely an organizational decision based on our assessment(s) of our risk and exposure, imb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk70vFkACgkQQv9rrgRC1JJ1YgCdELKoI5JH8FaIjrlHm/Fco3y1 3s8AoJHarM0WhuCf0edFUWQpfkFF4g+S =Z4M2 -----END PGP SIGNATURE----- _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"