Re: FreeBSD Patch question
From: Bruce M Simpson (bms_at_spc.org)
Date: 09/28/03
- Previous message: Devon H. O'Dell: "Re: FreeBSD Patch question"
- In reply to: V. Jones: "Re: FreeBSD Patch question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 27 Sep 2003 23:49:49 +0100 To: "V. Jones" <vjones62@earthlink.net>
On Sat, Sep 27, 2003 at 03:40:35PM -0400, V. Jones wrote:
> Thanks to everyone who responded - my question really had more to do with applying patches as they are presented in the various security advisories. It sounds like most of you don't do it that way; it sounds like you track freebsd-stable using cvsup. However, section 21.2.2.2 of the handbook seems to advise against doing this when all you want to do is apply security fixes:
>
> "While it is true that security fixes also go into the FreeBSD-STABLE branch, you do not need to track FreeBSD-STABLE to do this. Every security advisory for FreeBSD explains how to fix the problem for the releases it affects [1] , and tracking an entire development branch just for security reasons is likely to bring in a lot of unwanted changes as well."
You can track a RELEASE branch instead, this is one reason for their
existence. Only security-officer@ has the power to mandate that a patch
be committed to a release branch after it has been released.
This is what I do for my production machines.
BMS
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Devon H. O'Dell: "Re: FreeBSD Patch question"
- In reply to: V. Jones: "Re: FreeBSD Patch question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
