Timely update via Hackernews:
Note in particular:
"FreeBSD is still vulnerable to the portsnap, freebsd-update, bspatch,
and libarchive vulnerabilities."
Not sure why the portsec team has not commented or published an advisory
(possibly because the freebsd list spam filters are so bad that
You mean operating system as distribution is a Linux term. There's not much
different between HARDENEDBSD and FreeBSD besides that HardenedBSD fixes
vulnerabilities and has a an excellent ASLR system compared to the proposed
one for FreeBSD.
On Aug 9, 2016 3:10 PM, "Roger Marquis" wrote:
> Timel
On Tue, Aug 9, 2016 at 9:21 PM, Matthew Donovan
wrote:
> You mean operating system as distribution is a Linux term. There's not much
> different between HARDENEDBSD and FreeBSD besides that HardenedBSD fixes
> vulnerabilities and has a an excellent ASLR system compared to the proposed
> one for F
> On 10 Aug 2016, at 10:50 AM, Big Lebowski wrote:
>
> With all due respect :)
Not really. Feel free to try again.
___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "f
On Wed, Aug 10, 2016 at 09:50:37AM +0100, Big Lebowski wrote:
> On Tue, Aug 9, 2016 at 9:21 PM, Matthew Donovan
> wrote:
>
> > You mean operating system as distribution is a Linux term. There's not much
> > different between HARDENEDBSD and FreeBSD besides that HardenedBSD fixes
> > vulnerabiliti
On 11/08/2016 1:11 AM, Mail Lists via freebsd-security wrote:
sorry but this is blabla and does not come even near to answering the real
problem:
It appears that freebsd and the US-government is more connected that some of us
might like:
Not publishing security issues concerning update mech
For those not on freebsd-announce (or reddit or anywhere else it got posted)
"FreeBSD Core statement on recent freebsd-update and related
vulnerabilities"
https://lists.freebsd.org/pipermail/freebsd-announce/2016-August/001739.html
Vince
On 11/08/2016 05:22, Julian Elischer wrote:
> On 11/08/2
sorry but this is blabla and does not come even near to answering the real
problem:
It appears that freebsd and the US-government is more connected that some of us
might like:
Not publishing security issues concerning update mechanisms - we all can think
WHY freebsd is not eager on this one
sorry but this is bullshit and does not come even near to answering the real
problem:
It appears that freebsd and the US-government is more connected that some of us
might like:
Not publishing security issues concerning update mechanisms - we all can think
WHY freebsd is not eager on this o