From owner-freebsd-current@FreeBSD.ORG Sat Dec 17 22:35:45 2005 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7DB7D16A41F; Sat, 17 Dec 2005 22:35:45 +0000 (GMT) (envelope-from gabor.kovesdan@t-hosting.hu) Received: from server.t-hosting.hu (server.t-hosting.hu [217.20.133.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id E85B343D53; Sat, 17 Dec 2005 22:35:44 +0000 (GMT) (envelope-from gabor.kovesdan@t-hosting.hu) Received: from localhost (localhost [127.0.0.1]) by server.t-hosting.hu (Postfix) with ESMTP id 01895998419; Sat, 17 Dec 2005 23:35:43 +0100 (CET) Received: from server.t-hosting.hu ([127.0.0.1]) by localhost (server.t-hosting.hu [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 44714-04; Sat, 17 Dec 2005 23:35:39 +0100 (CET) Received: from [80.98.231.227] (catv-5062e7e3.catv.broadband.hu [80.98.231.227]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by server.t-hosting.hu (Postfix) with ESMTP id 916259983EE; Sat, 17 Dec 2005 23:35:39 +0100 (CET) Message-ID: <43A492B6.6050305@t-hosting.hu> Date: Sat, 17 Dec 2005 23:35:34 +0100 From: =?ISO-8859-1?Q?K=F6vesd=E1n_G=E1bor?= User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Wilko Bulte References: <43A266E5.3080103@samsco.org> <20051217215434.GB92180@svcolo.com> <20051217220807.GA28741@freebie.xs4all.nl> In-Reply-To: <20051217220807.GA28741@freebie.xs4all.nl> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at t-hosting.hu X-Mailman-Approved-At: Sun, 18 Dec 2005 03:12:19 +0000 Cc: Joe Rhett , stable@freebsd.org, current Subject: Re: HEADS UP: Release schedule for 2006 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Dec 2005 22:35:45 -0000 Wilko Bulte wrote: >On Sat, Dec 17, 2005 at 01:54:34PM -0800, Joe Rhett wrote.. > > >>On Fri, Dec 16, 2005 at 12:04:05AM -0700, Scott Long wrote: >> >> >>>There will be three FreeBSD 6 releases in 2006. >>> >>> >>While this is nice, may I suggest that it is time to put aside/delay one >>release cycle and come up with a binary update mechanism supported well by >>the OS? Increasing the speed of releases is good. Increasing the number >>of deployed systems out of date because there are no easy binary upgrade >>mechanisms is bad. >> >>It has been bad, it's getting worse. >> >> > >So, when will you fix it? Or hire someone to fix it? FreeBSD after >all is mostly a volunteer operation. > > > I agree. And after all, tracking a security branch isn't too difficult, but the most people think that they have to do a complete "make buildworld" after a security advisory, but this isn't true. For example there was that cvsbug issue in September: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc One can read here: b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/gnu/usr.bin/cvs/cvsbug # make obj && make depend && make && make install # cd /usr/src/gnu/usr.bin/send-pr # make obj && make depend && make && make install Is that difficult? I don't think so. No reboot required and it doesn't take more than 5 minutes even on a slower machine. Only the vulnerabilities in the kernel are problematic for servers, since they require a reboot. I think I'll submit a PR with a patch to clarify this in Handbook. Do you consider this useful? Regards, Gabor Kovesdan