Date: Mon, 16 Dec 1996 12:18:39 -0700 (MST) From: Marc Slemko <marcs@znep.com> To: Adam Kubicki <mikee@solozzo.tele.pw.edu.pl> Cc: freebsd-security@freebsd.org Subject: Re: why is -stable not secure? Message-ID: <Pine.BSF.3.95.961216120718.9445A-100000@alive.ampr.ab.ca> In-Reply-To: <199612161654.IAA16978@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Because no one has put them there. They can be there the second after they are in -current if they are put there; that happens when the person committing them feels confident enough in the patch and has the time to. If you think that the holes discovered in -stable (or current, for that matter) are anywhere near all of them, think again. I would bet that if someone wanted to find a hole to exploit, they would simply have to look over the OpenBSD CVS logs to find dozens. These should be integrated into FreeBSD. When will they? When someone has time. I don't have any more powers than you, but I probably would have had someone commit this fix to -stable within the next few weeks; it is one of the fixes I have sitting around to be commited to various branches that I haven't got around to putting together yet. Most of these problems require little knowledge to find and little knowledge to fix. In fact, things would be helped if someone sat watching the freebsd-cvs-all list which details all the CVS changes and, if you see an important security fix come through that doesn't get commited to -stable, gently prod the person who commited it to -current to commit it to -stable if possible. Now it is even worse than before; there are now three different trees; -current (3.0), 2.2, and 2.1. Don't underestimate the work it takes to keep things together when you have three different places to fix. If there is someone interested in keeping -stable up to date in this way, perhaps they could take on an informal role of keeping it up to date with things like this; find a commiter who will take patches from you that you pull from -current and put into -stable. On Mon, 16 Dec 1996, Adam Kubicki wrote: > hi, > > I'd like to ask why patches included in -current aren't in -stable > version? There are few serious bugs (security too) fixed in -current but not > in -stable. How long it takes to move patches to -stable source tree?? > > -adam >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.961216120718.9445A-100000>