From owner-freebsd-security  Mon Dec 16 14:06:17 1996
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id OAA06975
          for security-outgoing; Mon, 16 Dec 1996 14:06:17 -0800 (PST)
Received: from rover.village.org (rover.village.org [204.144.255.49])
          by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id OAA06968
          for <freebsd-security@freebsd.org>; Mon, 16 Dec 1996 14:06:10 -0800 (PST)
Received: from rover.village.org [127.0.0.1] 
	by rover.village.org with esmtp (Exim 0.56 #1)
	id E0vZlAD-0005R6-00; Mon, 16 Dec 1996 15:05:33 -0700
To: Marc Slemko <marcs@znep.com>
Subject: Re: why is -stable not secure? 
Cc: Adam Kubicki <mikee@solozzo.tele.pw.edu.pl>, freebsd-security@freebsd.org
In-reply-to: Your message of "Mon, 16 Dec 1996 12:18:39 MST."
		<Pine.BSF.3.95.961216120718.9445A-100000@alive.ampr.ab.ca> 
References: <Pine.BSF.3.95.961216120718.9445A-100000@alive.ampr.ab.ca>  
Date: Mon, 16 Dec 1996 15:05:32 -0700
From: Warner Losh <imp@village.org>
Message-Id: <E0vZlAD-0005R6-00@rover.village.org>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In message <Pine.BSF.3.95.961216120718.9445A-100000@alive.ampr.ab.ca> Marc Slemko writes:
: Because no one has put them there.  They can be there the second after
: they are in -current if they are put there; that happens when the person
: committing them feels confident enough in the patch and has the time to.

Likely because no one is confortable enough making blind commits to
the -stable branch.  I've put a few deltas into the stable branch, but
only after finding people to test them.  It is much harder than it
would appear.

-stable is dead dead dead dead.  (the CVS branch based on 2.1.x that
is).  If you are worried about security, running 2.2 when it is
released may be your best bet.

wish I had better news :-(

Warner