From owner-freebsd-security  Fri May 12 11:30:44 2000
Delivered-To: freebsd-security@freebsd.org
Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2DFD737B59E; Fri, 12 May 2000 11:30:42 -0700 (PDT)
	(envelope-from jkh@zippy.cdrom.com)
Received: from localhost (jkh@localhost [127.0.0.1])
	by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id LAA07552;
	Fri, 12 May 2000 11:32:26 -0700 (PDT)
	(envelope-from jkh@zippy.cdrom.com)
To: Robert Watson <rwatson@FreeBSD.ORG>
Cc: Derek Werthmuller <dwerthmu@ctg.albany.edu>,
	freebsd-security@FreeBSD.ORG
Subject: Re: Applying patches with out a compiler 
In-reply-to: Your message of "Fri, 12 May 2000 12:40:04 EDT."
             <Pine.NEB.3.96L.1000512123717.44824A-100000@fledge.watson.org> 
Date: Fri, 12 May 2000 11:32:26 -0700
Message-ID: <7549.958156346@localhost>
From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> For patches where it's appropriate, I've been strongly considering
> releasing "packages" that update the key parts of the base OS for security
> fixes.  This would be similar to the BSD/OS patch level support for fixes,
> although restricted only to security stuff.  This would provide access to
> security fixes for non-source-centric sites, which I think is important. 
> With 4.0 I haven't had the opportunity to exercise this possibility as
> yet. :-)
> 
> I.e., 
> 
>   pkg_add secpatch_4.0-RELEASE_001.tgz

That would be cool if we could also somehow automate the process,
since people will come to depend on it as an upgrade process.

- Jordan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message