From owner-freebsd-security Mon Jul 1 12:33: 0 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8B55B37B400 for ; Mon, 1 Jul 2002 12:32:58 -0700 (PDT) Received: from mail.gbronline.com (mail.gbronline.com [12.145.226.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8AB3F43E13 for ; Mon, 1 Jul 2002 12:32:57 -0700 (PDT) (envelope-from kdk@daleco.biz) Received: from daleco [12.145.236.237] by mail.gbronline.com (SMTPD32-7.10) id AE0911AE0246; Mon, 01 Jul 2002 14:31:21 -0500 Message-ID: <008401c22136$08d62e00$edec910c@fbccarthage.com> From: "Kevin Kinsey, DaleCo, S.P." To: "Ralph Huntington" , References: <20020701141839.V50179-100000@mohegan.mohawk.net> Subject: Re: security fixes Date: Mon, 1 Jul 2002 14:32:26 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org No one's tried on this yet, so I will. comments inline ----- Original Message ----- From: "Ralph Huntington" To: Sent: Monday, July 01, 2002 1:20 PM Subject: security fixes > With all the traffic surrounding these recent vulnerabilities, it's a > little confusing to know what one has to do and need not do. Let me ask > this one question, please: > > In cvsup'ing the patched sources, if I have a 4.6-RELEASE box, should I > cvsup RELENG_4_6 and for the earlier 4.x machines cvsup RELENG_4 ??? > The more I think about the question, the tricker it gets, so I think I begin to see your point. You'd have to look at what's been committed to see for sure. I don't think that you'd break anything by doing RELENG_4_6 even on your earlier boxes, though. After all, you're going to make buildworld anyway... If you cvsup the "earlier" machines to RELENG_4, they will actually be "more up to date" than the 4.6-RELEASE box you have now, not that I'm telling you something you don't already know, I guess. > Or should they all get RELENG_4 ? > If you want them all to run -STABLE, yes. Personally, -STABLE seems pretty -STABLE right now, for me, running mail, web, database, etc. They say "you may not wish to run -STABLE on production servers" so *caveat emptor*, I guess, but I have no probs with -STABLE built last week. > Thank you, Ralph > HTH, KDK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message