On Wed, Dec 05, 2001 at 12:08:49PM -0500, Mike Barcroft wrote:
> Wilko Bulte <[EMAIL PROTECTED]> writes:
> > On Wed, Dec 05, 2001 at 11:51:02AM -0500, Mike Barcroft wrote:
> > > Jim Durham <[EMAIL PROTECTED]> writes:
> > > > Duh... right. OGS..(Old Guy Syndrome). I actually just did a cvsup to 
> > > > RELENG_4_4 and it didn't have the fixes. I guess I'll rephrase my
> > > > question... "Can we have the patches in RELENG_4_4?".
> > > 
> > > RELENG_4_4 is for security fixes only.  Consider using -STABLE if you
> > > require additional improvements.
> > 
> > s/security/security and critical bug/
> 
> Did I miss a change in policy?  The original announcement about
> RELENG_4_3 said:
> 
> : 2) INTRODUCTION OF THE RELENG_4_3 SECURITY BRANCH
> :    ----------------------------------------------
> :
> : As of FreeBSD 4.3-RELEASE, the security officer will be providing
> : support for a new CVS branch consisting of 4.3-RELEASE plus all
> : released security patches from FreeBSD Security Advisories.  This
> : branch carries the CVS branch tag of ``RELENG_4_3'', and can be
> : tracked using the usual source distribution methods such as cvsup
> : using this branch tag.
> : 
> : In contrast to 4.3-STABLE (``RELENG_4''), which carries security
> : updates as well as general bugfixes and feature enhancements, the
> : RELENG_4_3 release branch will carry ONLY security fixes: it is
> : intended for users of FreeBSD who do not wish to track the full
> : 4.3-STABLE branch but who wish to keep their system up-to-date with
> : security fixes in a semi-automated manner (i.e. without applying
> : patches by hand).
> : 
> : This practise of using a release branch to hold security fixes is
> : likely to be continued for future releases of FreeBSD.
> 
> I was hoping to find more information in the Handbook, but we seem to
> be missing a chapter about this.

Say if a serious bug was found where a system could easily be made
unstable, without directly posing a security threat. I think one would
then also fix this bug in RELENG_4_4. This follows the reasoning that
people track RELENG_4_4 for production systems that need the utmost
stability. Of course this needs approval from the release engineer team.
Crashing a system is the ultimate DoS, and DoS fixes would (I assume)
find approval from the security-officer.

Does this sound reasonable? I agree with you if you want to see this
documented somehow. 

Wilko

-- 
|   / o / /_  _                 email:  [EMAIL PROTECTED]
|/|/ / / /(  (_)  Bulte         Arnhem, The Netherlands 
