From owner-freebsd-security Sat Mar 27 21:39:23 1999 Delivered-To: freebsd-security@freebsd.org Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228]) by hub.freebsd.org (Postfix) with ESMTP id C201A14CF7 for ; Sat, 27 Mar 1999 21:39:21 -0800 (PST) (envelope-from jkh@zippy.cdrom.com) Received: from zippy.cdrom.com (localhost [127.0.0.1]) by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id VAA34989; Sat, 27 Mar 1999 21:37:52 -0800 (PST) (envelope-from jkh@zippy.cdrom.com) To: Andrew McNaughton Cc: Warner Losh , Gustavo Rios , freebsd-security@FreeBSD.ORG Subject: Re: suid/guid In-reply-to: Your message of "Sun, 28 Mar 1999 16:48:41 +1200." <199903280448.QAA10976@aniwa.sky> Date: Sat, 27 Mar 1999 21:37:52 -0800 Message-ID: <34987.922599472@zippy.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Does 2.2.8-STABLE exist? I thought 2.2.8 had stopped at RELEASE. "Official" support stopped as of 2.2.8-RELEASE, yes, but various committers have continued to fold in changes that were important to them and/or requested on an individual basis. As long as there's somebody willing to back-port a change, and it's of the "no brainer" type where no conceivable de-stabilizing downside exists, there's a sort of tacit approval to commit it after the branch has officially died. Doing a quick diff between the RELENG_2_2_8_RELEASE and RELENG_2_2 tags, in fact, I see XXXK of diffs, mostly in the area of man page fixes, Y2K changes (cosmetic) and login class defaults. The vinum filesystem also entered the tree, post-2.2.8, for some special customer. > There was some discussion, and I gather a 2.2.8 ports collection is > on the net. Unless this is being kept up to date, it will include > some security holes. This is something which should be actively taken up with Satoshi Asami and/or ports@freebsd.org - I have no idea what his plans for updating the ports which have specific and important security holes in them; if asked nicely, he's generally pretty accomodating about the exceptions. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message