[ previous ] [ next ] [ threads ]
 
 From:  Brian McKerr <brian at mckerrs dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Security Announcements
 Date:  Fri, 27 Aug 2004 20:24:07 +1000
Manuel Kasper wrote:

>On 27.08.2004 02:19 -0400, Chris Buechler wrote:
>
>  
>
>>It should probably be made standard practice (and it may already be)
>>that a mailing goes out to the -announce list for any security
>>vulnerabilities in the system.
>>    
>>
>
>It already is. In case that a security problem with m0n0wall or any
>of its components is found, it will of course be fixed in the latest
>release branch (i.e. if one was found in m0n0wall 1.1, something like
>m0n0wall 1.11 would be released), along with a screaming announcement
>on the m0n0wall and m0n0wall-announce mailing lists and the news
>section of the website.
> 
>  
>
>>If this is the policy, IMHO, it should be stated on the website.
>>And I think it would be good to put a recommendation to subscribe
>>to the list on the download page.
>>    
>>
>
>Done (on the security page, because that's where it belongs).
>
>- Manuel
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>  
>
Cool, that is in fact what I was looking for and it gives me that 'warm 
and fuzzy' feeling that the project is active on the security front. Its 
just wierd to see nothing on the announcement list when every other OS 
has its fair share. I understand that's largely due to m0n0 being a very 
small subset of FreeBSD.

Thanks Manuel for changing the security page....... in fact, I'm not 
sure the other 'blurb' on the security page belongs there, its more like 
a 'background' or 'project goals' type of thing.

Brian.