From owner-freebsd-security Mon Jul 1 13: 7:36 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4630637B400 for ; Mon, 1 Jul 2002 13:07:32 -0700 (PDT) Received: from mail.gbronline.com (mail.gbronline.com [12.145.226.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98C0743E09 for ; Mon, 1 Jul 2002 13:07:31 -0700 (PDT) (envelope-from kdk@daleco.biz) Received: from daleco [12.145.236.237] by mail.gbronline.com (SMTPD32-7.10) id A62363D9007E; Mon, 01 Jul 2002 15:05:55 -0500 Message-ID: <009201c2213a$dd3a4b00$edec910c@fbccarthage.com> From: "Kevin Kinsey, DaleCo, S.P." To: "Ralph Huntington" Cc: References: <20020701153650.Q50179-100000@mohegan.mohawk.net> Subject: Re: security fixes Date: Mon, 1 Jul 2002 15:07:01 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ----- Original Message ----- From: "Ralph Huntington" To: "Kevin Kinsey, DaleCo, S.P." Cc: Sent: Monday, July 01, 2002 2:41 PM Subject: Re: security fixes >Hmmm... I would think STABLE is what one sould >want to run on a production >machine. I'm beginning to feel confused again. As opposed to -CURRENT, yes. However, the committers want everyone to realize that once in a while you might build -STABLE with something broken (albeit rare, as in the coincidence of the "blue moon" and "hen's teeth" together...) but it still could happen. -RELEASE is a -STABLE that gets frozen for a while to see if any problems pop up, or if it can be crowed about and burned to CD with confidence (I hope the RELENG team doesn't think I'm minimizing their hard work here.) Some people read the warning about -STABLE in the Handbook (that I quoted earlier) and decide only to run -RELEASE and patch security fixes, and there is a cvs tag for this, called RELENG_4_x. This is where a little confusion comes in, because after a while they quit patching the older releases. The official line is that it's the current release (4.6) and the last (4.5) that are being patched, so if you're still running 4.4-R, (for example) you're no longer sure you can cvsup with RELENG_4_4 and get any new patches. As I said, -STABLE's running fine for me right now and has everytime I've tried it. [If there's confusion on the term "production machine," I take this to mean an active www/mail/file server that you can't afford to have downtime on....] KDK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message