From owner-freebsd-security Thu Jun 27 11:19:13 2002 Delivered-To: freebsd-security@freebsd.org Received: from guest.cg.nu (guest.cg.nu [213.196.7.60]) by hub.freebsd.org (Postfix) with ESMTP id 9C2D037B406 for ; Thu, 27 Jun 2002 11:18:55 -0700 (PDT) Received: (qmail 3368 invoked by uid 85); 27 Jun 2002 18:18:54 -0000 Received: from unknown (HELO wevers.org) (213.84.69.96) by guest.cg.nu with SMTP; 27 Jun 2002 18:18:51 -0000 Message-ID: <3D1B5709.8010902@wevers.org> Date: Thu, 27 Jun 2002 20:18:49 +0200 From: Henk Wevers User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0rc2) Gecko/20020512 Netscape/7.0b1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv References: <3D1B4E24.1F91E51D@centtech.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by AMaViS perl-11 hosted on guest.cg.nu Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Is it possible that all the port mantainers bump the portversion one number higher, so that upgrading is more easy to update an package like apache? I allready updated apache for an example, only not after the new make world again. If i do this i will need to deinstall and reinstall the port. My EUR 0.02 cents Henk Eric Anderson wrote: > I mentioned this a while back, and I still think it's a good idea (once once > OpenSSH is ready). Like we were saying with the Apache bug - those who don't > read the lists, are typically RELEASE hungry, and will jump all over a 4.6.1 > without really caring that it's mostly security fixes - and those that do follow > the lists, will have their stuff patched and ready before the 4.6.1 rolled out, > so we get best of both worlds. > > That's just my $0.02 - not meaning much without an @freebsd.org at the end of my > email. :) > > Eric > > p.s. - should this move to -chat? > > > Robert Watson wrote: > >>On Thu, 27 Jun 2002, Matthew Dillon wrote: >> >> >>> I'm beginning to think that once all this settles down a 4.6.1 release >>> may be a good idea. Apache, ssh, now the resolver... nasty. >> >>I've been wondering about that also. However, the release engineering >>process is fairly heavy-weight, and the last time we did a light-weight >>x.x.1 release, people leapt on that opportunity to over-load it with lots >>of minor fixes that ended up making it a fairly broken release (since >>inevitably they weren't minor, but we weren't willing to do a full >>heavy-weight release). Regardless, we'd want to wait to spin a .x.x.1 >>release until the new OpenSSH was merged back, I think, so it will be a >>bit yet before we can really make a decision on this. The best strategy >>would be to literally slap down another tag on RELENG_4_6 and call it >>RELENG_4_6_1 point-release. > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message