Bugtraq mailing list archives
Re: OpenBSD remote root
From: Dan Harkless <dan-bugtraq () DILVISH SPEED NET>
Date: Wed, 20 Dec 2000 20:57:39 -0800
Jose Nazario <jose () biocserver BIOC CWRU Edu> writes:
On Tue, 19 Dec 2000, Dan Harkless wrote:This has been argued before, but many think that OpenBSD's policy of not having a specific security announcement mailing list is rash and is poor security policy. It's great to say that someone should "check the webpage more often", but obviously not everyone can watch it every instant.there is the list security-announce () openbsd org which works fine. its how i first heard about the FPd problem. very low traffic.
Sorry, last time I checked out OpenBSD they didn't have such a list, and rather forced you to actively check the web page, as the message I replied to was suggesting. This list must be pretty new -- I just checked out all four OpenBSD mailing list archive sites, and none of them have an archive of it.
i have said it before and i will say it again: you should be on every security list your vendor puts out. nearly every vendor has one. some are just busier than others.
Yup, agree completely. Hopefully this post will alert some people to the fact that that list exists now. ---------------------------------------------------------------------- Dan Harkless | To prevent SPAM contamination, please dan-bugtraq () dilvish speed net | do not mention this private email SpeedGate Communications, Inc. | address in Usenet posts. Thank you.
Current thread:
- OpenBSD remote root Typo Princep (Dec 18)
- Re: OpenBSD remote root joshua stein (Dec 19)
- Re: OpenBSD remote root Emre (Dec 19)
- Re: OpenBSD remote root Dan Harkless (Dec 20)
- Re: OpenBSD remote root Jose Nazario (Dec 20)
- Re: OpenBSD remote root Dan Harkless (Dec 21)
- listing of vendor's security-announcement lists Matt Power (Dec 22)
- Re: OpenBSD remote root Dan Harkless (Dec 20)
- Re: OpenBSD remote root David Damerell (Dec 20)
- <Possible follow-ups>
- Re: OpenBSD remote root Theo de Raadt (Dec 21)