Security Vulnerabilities


#1

I tried searching, but didn’t see a separate category for Security. Is there an area where security in general is discussed? This area could cover issues and vulnerabilities and other aspects of security. Thank you.


#2

What follows is my opinion only, the official project may have different opinions.

I don’t believe there is a separate category at the moment, so I’d say “Help and Support” is as good a place as any.
Maybe adding something like “[Security]” in the title can serve as a place holder until/if they decide to make a separate category.

A reason “why not” may be that at it’s core, TrueOS has all the vulnerabilities and fixes that upstream FreeBSD and the ports have. OpenRC vulnerabilities would be the only thing not covered by upstream.

Assuming you’re roundabout asking “Meltdown and Spectre”, TrueOS is waiting on FreeBSD.

I highly recommend subscribing to/browsing the FreeBSD security list:

https://docs.freebsd.org/mail/current/freebsd-security.html

Since TrueOS is tracking 12-CURRENT, keep an eye on:

https://docs.freebsd.org/mail/current/svn-src-head.html

freebsd-arch and freebsd-hackers are fun to follow, just don’t get wrapped up in any bikesheds.


#3

Thank you.