freebsd security - Nov 2016 - FreeBSD Security Advisory FreeBSD-SA-16:33.openssh

On 04/11/16 16:39, Kubilay Kocak wrote:
> Security advisories should state explicitly when otherwise supported
> versions are not vulnerable. It's surprising this isn't already the
case.
I disagree. If none of the version I have installed are listed, I don't 
read the rest of the advisory. Time saved. Listing them in a 'not 
affected' part of the message would add complexity and parsing for me - 
less time saved.

Greg.

Hi,

if you look at the advisory, it states "Affects:        All supported
versions of FreeBSD.", while in the "Corrected" section 10.1
& 10.2 are missing.

They are still supported, so the fix for them must be developed or they must be
listed as not affected, if that's the case.


Regards,

Vladimir


On Nov 4, 2016, at 11:01 AM, Gregory Orange <gregory.orange at
calorieking.com> wrote:
> On 04/11/16 16:39, Kubilay Kocak wrote:
>> Security advisories should state explicitly when otherwise supported
>> versions are not vulnerable. It's surprising this isn't already
the case.
> I disagree. If none of the version I have installed are listed, I don't
read the rest of the advisory. Time saved. Listing them in a 'not
affected' part of the message would add complexity and parsing for me - less
time saved.
> 
> Greg.
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at
freebsd.org"