Date: Wed, 5 Mar 2003 13:26:36 -0600 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: Brett Glass <brett@lariat.org> Cc: David Schultz <das@FreeBSD.org>, freebsd-security@FreeBSD.org Subject: Re: Does the patching procedure work? Message-ID: <20030305192635.GA23113@madman.celabo.org> In-Reply-To: <4.3.2.7.2.20030305121248.02c5e720@localhost> References: <4.3.2.7.2.20030305100150.048518c0@localhost> <4.3.2.7.2.20030305052142.03f04200@localhost> <4.3.2.7.2.20030305050739.03f078f0@localhost> <4.3.2.7.2.20030305052142.03f04200@localhost> <4.3.2.7.2.20030305100150.048518c0@localhost> <4.3.2.7.2.20030305121248.02c5e720@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 05, 2003 at 12:17:25PM -0700, Brett Glass wrote: > At 12:09 PM 3/5/2003, Jacques A. Vidrine wrote: > >> Patches should be provided back to 4.4, IMHO. > > > >Um, in this case, they were provided all the way back to 3.x. > > Nope. The revised advisory published to -announce provided only one patch, at > > ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:04/sendmail.patch > > and it failed to apply completely. No other patch was offered. I see. I was referring to the security branches, of course. We don't and won't generate patch sets for no-longer-supported branches. Of course there are myriad ways that you can unerringly do so yourself for fixes that have been committed. I should also point out that in general, we do not support patching systems that have not also had all other previous patches applied first. > There > were replacement binaries for 5.0, 4.7, and 4.6, which does not go back > a full year. > > There really should be support for each release for a year. I agree. That is why approximately 2 weeks ago, I changed the policy from `the last two releases' to 12 months. Kind of a quiet change really. http://www.freebsd.org/cgi/cvsweb.cgi/www/en/security/security.sgml.diff?r1=1.124&r2=1.125 At that time, RELENG_4_5 was already `over' under both the old and new policy. Cheers, -- Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030305192635.GA23113>