support for RELENG_4_4
From: Mark Hartley (mark@work.drapple.com)
Date: 05/08/02
- Next message: Dalin S. Owen: "Re: Accounts with Restricted privileges"
- Previous message: Peter C. Lai: "Re: what does a syncookies attack look like ?"
- Next in thread: Kris Kennaway: "Re: support for RELENG_4_4"
- Reply: Kris Kennaway: "Re: support for RELENG_4_4"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 08 May 2002 13:47:58 -0700 (PDT) From: Mark Hartley <mark@work.drapple.com> To: freebsd-security@freebsd.org
I have a question regarding the -SECURITY branch (I know that's not its real
name) for 4.4.
It has been stated (and I found this out only recently) that the only branches
supported for security patches would be the current one and the previous one,
which currently means RELENG_4_4 and RELENG_4_5. I'm assuming that after 4.6
gets released, that security fixes will no longer be (always) applied to the 4_4
branch. Is this correct information? I was bit by this, because I had several
servers using the 4_3 branch, and I didn't realize for quite a while that all
of the fixes were not being applied there (this was after 4.5 came out).
I don't know about many others, but I can't simply throw the newest version on
my servers whenever it comes out. I wait for several months before upgrading,
just to make sure there aren't any "gotchas" that weren't found during the
release engineering process. The problem with waiting is that before the time I
feel I can move up, the branch I've been following has stopped receiving all of
the security fixes. I have a bunch of servers tracking 4_4 and I'm not ready to
move them off of that yet. I probably won't be moving them to track RELENG_4_5
until at least mid summer.
So my question is two-fold:
1. Is the 4_4 branch about to lose it's status as a "receives all security
fixes" branch?
2. Can an email be sent to -security (or wherever deemed appropriate) if/when
that happens so that people like me can know about it?
I understand why only the newest branches get all of the security fixes, due to
the difficulty in porting to older versions of apps, so I'm not griping about
the policy (since I'm not enough of a C coder to make patches for the older
versions). I'm just wanting to know if the policy can be made more public so
folks like me can know when we have to either upgrade or live on our own.
Mark.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Dalin S. Owen: "Re: Accounts with Restricted privileges"
- Previous message: Peter C. Lai: "Re: what does a syncookies attack look like ?"
- Next in thread: Kris Kennaway: "Re: support for RELENG_4_4"
- Reply: Kris Kennaway: "Re: support for RELENG_4_4"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
