From owner-freebsd-security Mon May 20 4:27:44 2002 Delivered-To: freebsd-security@freebsd.org Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id B909137B408; Mon, 20 May 2002 04:27:33 -0700 (PDT) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 203A651; Mon, 20 May 2002 06:27:33 -0500 (CDT) Received: from madman.nectar.cc (localhost [IPv6:::1]) by madman.nectar.cc (8.12.3/8.11.6) with ESMTP id g4KBRWpd057975; Mon, 20 May 2002 06:27:32 -0500 (CDT) (envelope-from nectar@madman.nectar.cc) Received: (from nectar@localhost) by madman.nectar.cc (8.12.3/8.12.3/Submit) id g4KBRWs1057974; Mon, 20 May 2002 06:27:32 -0500 (CDT) Date: Mon, 20 May 2002 06:27:32 -0500 From: "Jacques A. Vidrine" To: Maxim Sobolev Cc: developers@FreeBSD.org, security@FreeBSD.org, dsyphers@uchicago.edu Subject: Re: Is 4.3 security branch officially "out of commission"? Message-ID: <20020520112732.GA57935@madman.nectar.cc> References: <3CE8C3E2.EBF4EC8F@FreeBSD.org> <200205201008.g4KA8uKl000787@midway.uchicago.edu> <3CE8D057.BEA07F0@FreeBSD.org> <3CE8C3E2.EBF4EC8F@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3CE8D057.BEA07F0@FreeBSD.org> <3CE8C3E2.EBF4EC8F@FreeBSD.org> User-Agent: Mutt/1.3.99i X-Url: http://www.nectar.cc/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, May 20, 2002 at 12:37:38PM +0300, Maxim Sobolev wrote: > I was notified by the members of the local FreeBSD community (we have > a very strong presence of FreeBSD in ISP circles here) that seemingly > 4.3 security branch isn't supported anymore, even though there was no > official announcement about decommissioning. See : The FreeBSD Security Officer Team provides security advisories for the following releases of FreeBSD: * The most recent official release of FreeBSD. * FreeBSD-stable, when at least 2 releases are based on it. * The previous FreeBSD-stable when a "new stable" does not yet have 2 releases based on it. At this time, security advisories are being released for: * FreeBSD 4.4-RELEASE * FreeBSD 4.5-RELEASE * FreeBSD 4.5-STABLE This also implies that when 4.6-RELEASE `ships', that 4.4-RELEASE will no longer be `officially' supported by the FreeBSD Security Officer Team. Note that as time and resources allow, we do try to merge to older branches. On Mon, May 20, 2002 at 01:30:47PM +0300, Maxim Sobolev wrote: > What is the official procedure when somebody not from the security > team want to maintain older releases? For example, as I said there is > significant push from the local community to merge recent security > fixes into older releases, so that it is likely that they could > provide to me with tested patches for older releases they are > interested in. May I merge them into 4.3 security branch without my > commit bit being suspended for inappropriate MFCs into security > branch? You may not make commits to RELENG_4_* without security-officer approval. However, if you have well-tested patches for older branches, you shall almost certainly get approval or the team shall commit them for you. Of course, this will not magically turn the old branch into `supported', and it is strongly recommended that folks update to a newer release in order to benefit not only from security fixes but from all the various other major fixes and improvements that occur over time to 4.x. Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message