Date: Tue, 8 Apr 2003 09:03:37 -0500 From: Mike Meyer <mwm-dated-1050242618.1ac2ff@mired.org> To: =?iso-8859-1?Q?Miguel_Gon=E7alves?= <miguelg@fe.up.pt> Cc: freebsd-questions@freebsd.org Subject: Re: Old version support Message-ID: <16018.54969.764773.922302@guru.mired.org> In-Reply-To: <Pine.LNX.4.33.0304081414220.13566-100000@gnomo.fe.up.pt> References: <Pine.LNX.4.33.0304081414220.13566-100000@gnomo.fe.up.pt>
next in thread | previous in thread | raw e-mail | index | archive | help
In <Pine.LNX.4.33.0304081414220.13566-100000@gnomo.fe.up.pt>, Miguel Go= n=E7alves <miguelg@fe.up.pt> typed: > I am going to install a FreeBSD 4.8 server to be used only as > a SMB server for a small network of Windows clients. I intend > to install it and leave it running without much administration > intervention (except for security bugs because we all know that > the other bugs are hard to find in FreeBSD). >=20 > Given the current End-of-Life policy for FreeBSD releases I was > wondering how can I know about security problems for unsupported > FreeBSD releases. For example, if I install 4.8 know and if in > 2 years a kernel security bug is found that affects only the 4.x > branch I suppose that a SA wouldn't be released. This could be > less far-fetched: I could be running 4.4 know and I wouldn't > know about security bugs that I should be aware of. I think your supposition isn't necessarily correct. Security fixes are still going into 3.x, where applicable. You can expect 4.x to supported for security fixes until 6-STABLE shows up. The real question is how long patches will show up 4.x-RELEASE's other than the last one after 5-STABLE shows up. Since there weren't security patches for 3.x, there's no prior experience to provide guidance. > How is it possible to cope with this without installing a current > version? The only way to ensure support for an open source product is to provide it yourself - either by doing the work yourself, or hiring someone to do it. If you're planning on hiring someone, you might consider starting a working arrangement now, and letting them bill you for applying the provided patches so you're used to working with them. You should also let them secure the system, so they'll know which SAs are relevant. On the other hand, this won't be a real issue until SAs start showing up with patches for releases later than yours, and you have no idea when that will happen. =09<mike --=20 Mike Meyer <mwm@mired.org>=09=09http://www.mired.org/consulting.html Independent Network/Unix/Perforce consultant, email for more informatio= n.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?16018.54969.764773.922302>