From owner-freebsd-security  Mon May 20  2:37:42 2002
Delivered-To: freebsd-security@freebsd.org
Received: from sdns.kv.ukrtel.net (sdns.kv.ukrtel.net [195.5.27.246])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5C48B37B412; Mon, 20 May 2002 02:37:32 -0700 (PDT)
Received: from vega.vega.com (195.5.51.243 [195.5.51.243]) by sdns.kv.ukrtel.net with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21)
	id J9KHZYD4; Mon, 20 May 2002 12:39:22 +0300
Received: from FreeBSD.org (big_brother.vega.com [192.168.1.1])
	by vega.vega.com (8.11.6/8.11.3) with ESMTP id g4K9bPc01988;
	Mon, 20 May 2002 12:37:25 +0300 (EEST)
	(envelope-from sobomax@FreeBSD.org)
Message-ID: <3CE8C3E2.EBF4EC8F@FreeBSD.org>
Date: Mon, 20 May 2002 12:37:38 +0300
From: Maxim Sobolev <sobomax@FreeBSD.org>
Organization: Vega International Capital
X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)
X-Accept-Language: en,uk,ru
MIME-Version: 1.0
To: developers@FreeBSD.org
Cc: security@FreeBSD.org, nectar@FreeBSD.org
Subject: Is 4.3 security branch officially "out of commission"?
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Folks,

I was notified by the members of the local FreeBSD community (we have
a very strong presence of FreeBSD in ISP circles here) that seemingly
4.3 security branch isn't supported anymore, even though there was no
official announcement about decommissioning. Particularly, exec()
stdio security vulnerability (rev.1.137 src/sys/kern/kern_descrip.c,
rev.1.162 src/sys/kern/kern_exec.c and rev.1.41 
src/sys/sys/filedesc.h) was MFC'ed to 4.5 and 4.4, but not to 4.3.
Nedless to say that they are very disappointed by that fact, because
4.3 is not that outdated and still used just fine on production
machines. Could someone clarify the situation, and correct it if it
was just a mistake.

Thanks!

-Maxim

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message