From owner-freebsd-security Thu Apr 18 11: 0:49 2002 Delivered-To: freebsd-security@freebsd.org Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id CDD8937B400 for ; Thu, 18 Apr 2002 11:00:14 -0700 (PDT) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 5CD474C; Thu, 18 Apr 2002 13:00:14 -0500 (CDT) Received: from madman.nectar.cc (localhost [IPv6:::1]) by madman.nectar.cc (8.12.2/8.11.6) with ESMTP id g3II0E0G025102; Thu, 18 Apr 2002 13:00:14 -0500 (CDT) (envelope-from nectar@madman.nectar.cc) Received: (from nectar@localhost) by madman.nectar.cc (8.12.2/8.12.2/Submit) id g3II0BlS025101; Thu, 18 Apr 2002 13:00:11 -0500 (CDT) Date: Thu, 18 Apr 2002 13:00:11 -0500 From: "Jacques A. Vidrine" To: Brett Glass Cc: Nate Williams , Christopher Schulte , security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <20020418180011.GB24952@madman.nectar.cc> References: <4.3.2.7.2.20020418095356.024354c0@nospam.lariat.org> <4.3.2.7.2.20020417230144.032ad390@nospam.lariat.org> <200204171923.g3HJNga58899@freefall.freebsd.org> <4.3.2.7.2.20020418095356.024354c0@nospam.lariat.org> <4.3.2.7.2.20020418114304.00dccf00@nospam.lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4.3.2.7.2.20020418114304.00dccf00@nospam.lariat.org> User-Agent: Mutt/1.3.28i X-Url: http://www.nectar.cc/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Apr 18, 2002 at 11:49:24AM -0600, Brett Glass wrote: > How does one know that there isn't a system-crashing bug in some other > part of the tree for the same date? What's needed is not just the > snapshot that happened to be available that day (or today) but one > that's known to be reasonably stable. Remember, a snapshot of -STABLE > taken on a random day is not guaranteed even to boot! I thought we were talking about the security branch. CVSup to RELENG_4_5 when and advisory comes out, and you are good to go. That is what 4.5-RELEASE-p3 is, right now, by the way: RELENG_4_5 as of the latest advisory. > Not true at all. What administrators using FreeBSD need is not > "hand-holding" but a way to upgrade to a known good snapshot. > Not necessarily the absolute latest, but one with the needed > patches which others have seen to work. That is what RELENG_4_? is for. > I'm a developer myself, and therefore understand the value of testing. > It should be possible to get a snapshot ("patch level N," or whatever) > which one knows that others have tried and have found to work. As an > administrator, you should want this too. There is. What's the problem? -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message