From owner-freebsd-questions@FreeBSD.ORG Tue Apr 8 12:52:31 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1B97037B401 for ; Tue, 8 Apr 2003 12:52:31 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-63-207-60-150.dsl.lsan03.pacbell.net [63.207.60.150]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4E32D43F85 for ; Tue, 8 Apr 2003 12:52:30 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id C6B2666D16; Tue, 8 Apr 2003 12:52:29 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id B691010E1; Tue, 8 Apr 2003 12:52:29 -0700 (PDT) Date: Tue, 8 Apr 2003 12:52:29 -0700 From: Kris Kennaway To: Mike Meyer Message-ID: <20030408195229.GB65482@rot13.obsecurity.org> References: <16018.54969.764773.922302@guru.mired.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="s2ZSL+KKDSLx8OML" Content-Disposition: inline In-Reply-To: <16018.54969.764773.922302@guru.mired.org> User-Agent: Mutt/1.4i cc: freebsd-questions@freebsd.org cc: Miguel Gon?alves Subject: Re: Old version support X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2003 19:52:31 -0000 --s2ZSL+KKDSLx8OML Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 08, 2003 at 09:03:37AM -0500, Mike Meyer wrote: > In , Miguel Gon?= alves typed: > > I am going to install a FreeBSD 4.8 server to be used only as > > a SMB server for a small network of Windows clients. I intend > > to install it and leave it running without much administration > > intervention (except for security bugs because we all know that > > the other bugs are hard to find in FreeBSD). > >=20 > > Given the current End-of-Life policy for FreeBSD releases I was > > wondering how can I know about security problems for unsupported > > FreeBSD releases. For example, if I install 4.8 know and if in > > 2 years a kernel security bug is found that affects only the 4.x > > branch I suppose that a SA wouldn't be released. This could be > > less far-fetched: I could be running 4.4 know and I wouldn't > > know about security bugs that I should be aware of. >=20 > I think your supposition isn't necessarily correct. Security fixes are > still going into 3.x, where applicable. You can expect 4.x to > supported for security fixes until 6-STABLE shows up. The real > question is how long patches will show up 4.x-RELEASE's other than the > last one after 5-STABLE shows up. Since there weren't security patches > for 3.x, there's no prior experience to provide guidance. This is kind of wrong. Security fixes are usually not committed to 3.x (that release has been EOLed for some time), and the current support lifetime for 4.x releases is documented on www.freebsd.org/security (basically for 1 year after release). Kris --s2ZSL+KKDSLx8OML Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+kyh9Wry0BWjoQKURAlQvAJwKxTD79dMmcARUQeChSdsBVHza/gCfYDMQ ZJn6Pcr/w8e5Xwqi9hZY/9E= =WNbM -----END PGP SIGNATURE----- --s2ZSL+KKDSLx8OML--