From owner-freebsd-questions@FreeBSD.ORG Tue Apr 8 07:03:40 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C53F37B401 for ; Tue, 8 Apr 2003 07:03:40 -0700 (PDT) Received: from mired.org (ip68-97-54-220.ok.ok.cox.net [68.97.54.220]) by mx1.FreeBSD.org (Postfix) with SMTP id 0C76543F85 for ; Tue, 8 Apr 2003 07:03:39 -0700 (PDT) (envelope-from mwm-dated-1050242618.1ac2ff@mired.org) Received: (qmail 28360 invoked from network); 8 Apr 2003 14:03:38 -0000 Received: from localhost.mired.org (HELO guru.mired.org) (127.0.0.1) by localhost.mired.org with SMTP; 8 Apr 2003 14:03:38 -0000 Received: by guru.mired.org (tmda-inject, from uid 100); Tue, 08 Apr 2003 09:03:38 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Message-ID: <16018.54969.764773.922302@guru.mired.org> Date: Tue, 8 Apr 2003 09:03:37 -0500 To: =?iso-8859-1?Q?Miguel_Gon=E7alves?= In-Reply-To: References: X-Mailer: VM 7.07 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`; h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ From: Mike Meyer X-Delivery-Agent: TMDA/0.73 (Jet Pilot) cc: freebsd-questions@freebsd.org Subject: Re: Old version support X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2003 14:03:40 -0000 In , Miguel Go= n=E7alves typed: > I am going to install a FreeBSD 4.8 server to be used only as > a SMB server for a small network of Windows clients. I intend > to install it and leave it running without much administration > intervention (except for security bugs because we all know that > the other bugs are hard to find in FreeBSD). >=20 > Given the current End-of-Life policy for FreeBSD releases I was > wondering how can I know about security problems for unsupported > FreeBSD releases. For example, if I install 4.8 know and if in > 2 years a kernel security bug is found that affects only the 4.x > branch I suppose that a SA wouldn't be released. This could be > less far-fetched: I could be running 4.4 know and I wouldn't > know about security bugs that I should be aware of. I think your supposition isn't necessarily correct. Security fixes are still going into 3.x, where applicable. You can expect 4.x to supported for security fixes until 6-STABLE shows up. The real question is how long patches will show up 4.x-RELEASE's other than the last one after 5-STABLE shows up. Since there weren't security patches for 3.x, there's no prior experience to provide guidance. > How is it possible to cope with this without installing a current > version? The only way to ensure support for an open source product is to provide it yourself - either by doing the work yourself, or hiring someone to do it. If you're planning on hiring someone, you might consider starting a working arrangement now, and letting them bill you for applying the provided patches so you're used to working with them. You should also let them secure the system, so they'll know which SAs are relevant. On the other hand, this won't be a real issue until SAs start showing up with patches for releases later than yours, and you have no idea when that will happen. =09=09=09http://www.mired.org/consulting.html Independent Network/Unix/Perforce consultant, email for more informatio= n.