Bugtraq mailing list archives
Re: Sendmail 8.8.x - time to upgrade?
From: kris () HUB FREEBSD ORG (Kris Kennaway)
Date: Sun, 12 Mar 2000 14:42:15 -0800
On Thu, 15 Jul 1999, Michal Zalewski wrote:
Another bad thing about authors of distributions - they usually. Good words to RedHat - their advisories and packages with supplied .diff files are quite good. Flames to Slackware - they did really good work, but seems to me they feel not obliged to inform people about fixes the way RH does. Sometimes I get really surprised when I find out that a lot of security holes present in eg. RH are not present in Slackware, but there's no any information about bugfixes etc.
This is an important point which I think you (and others) should be aware of. Organisations like Slackware (and incidentally FreeBSD) are volunteer-driven, unlike Redhat who (can) pay people to do the grunt jobs they need doing. This means that things like security advisories are dependant on some volunteer finding the time in his busy schedule to actually write the thing. As important as security advisories are, please try and think of the human face behind it before "flaming" a volunteer software vendor. These people are giving up their free time for you, and if occasionally they don't manage to keep up with the sometimes furious pace of security advisory releasing (I should know, I have 5 ports advisories waiting to be written for FreeBSD which I'm trying to find time for), you should still be grateful for the times when they do. Kris Kennaway FreeBSD Ports Security Officer ---- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe <forsythe () alum mit edu>
Current thread:
- Re: Sendmail 8.8.x - time to upgrade? Kris Kennaway (Mar 12)