Re: FreeBSD Security Advisory FreeBSD-SA-14:13.pam

[Tomas Hoger <thoger () redhat com>]

On Wed, 4 Jun 2014 09:42:31 +0400 Solar Designer wrote:

> On Wed, Jun 04, 2014 at 04:51:56AM +0000, FreeBSD Security Advisories
> wrote:
> > FreeBSD-SA-14:13.pam          Security Advisory
>
> FreeBSD had reported this OpenPAM issue to the distros list because of
> more likely than average relevance to other distros, and the FreeBSD
> advisory is posted to oss-security for the same reason as well as to
> meet distros list policy.
>
> I mention this so that people are not confused why this one advisory
> is posted in here, even though we had decided that vendor-specific
> advisories are normally not to be posted to oss-security.  There's no
> change in that preference, but there may be exceptions to it like this
> time (for good reasons).

About a month has passed since, at it seems this wasn't a one-off post.
As far as I can see, all FreeBSD security advisories released since
were posted here as well:

http://www.freebsd.org/security/advisories.html

http://www.openwall.com/lists/oss-security/2014/06/05/20
http://www.openwall.com/lists/oss-security/2014/06/24/17
http://www.openwall.com/lists/oss-security/2014/06/24/18
http://www.openwall.com/lists/oss-security/2014/07/08/17

It seems we need someone form FreeBSD team to change their system to
avoid posting all their errata here, or force moderation for all mails
from security-advisories () freebsd org.

-- 
Tomas Hoger / Red Hat Security Response Team