From owner-freebsd-security Tue Jul 2 14:13:15 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C7B037C26D for ; Tue, 2 Jul 2002 14:11:42 -0700 (PDT) Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.89]) by mx1.FreeBSD.org (Postfix) with ESMTP id E09BA44271 for ; Tue, 2 Jul 2002 10:23:19 -0700 (PDT) (envelope-from wincentcolaiuta@mac.com) Received: from smtp-relay04-en1.mac.com (smtp-relay04-en1 [10.13.10.223]) by smtpout.mac.com (8.12.1/8.10.2/1.0) with ESMTP id g62HNJTQ027366 for ; Tue, 2 Jul 2002 10:23:19 -0700 (PDT) Received: from asmtp02.mac.com (asmtp02-qfe3.mac.com [10.13.10.66]) by smtp-relay04-en1.mac.com (8.12.1/8.12.1/1.0) with ESMTP id g62HNEtF008601 for ; Tue, 2 Jul 2002 10:23:14 -0700 (PDT) Received: from cannondale.elcentro.red ([202.45.118.108]) by asmtp02.mac.com (Netscape Messaging Server 4.15) with ESMTP id GYMTMN00.DG4 for ; Tue, 2 Jul 2002 10:23:11 -0700 Date: Wed, 3 Jul 2002 02:52:56 +0930 Subject: Re: security fixes Content-Type: text/plain; charset=ISO-8859-1; format=flowed Mime-Version: 1.0 (Apple Message framework v482) From: Wincent Colaiuta To: freebsd-security@freebsd.org Content-Transfer-Encoding: quoted-printable In-Reply-To: <009201c2213a$dd3a4b00$edec910c@fbccarthage.com> Message-Id: <592EA664-8DE0-11D6-A483-003065C60B4C@mac.com> X-Mailer: Apple Mail (2.482) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org El Tuesday, 2 July, 2002, a las 05:37 AM, Kevin Kinsey, DaleCo, S.P.=20 escribi=F3: > Some people read the warning about -STABLE in > the Handbook (that I quoted earlier) and decide only > to run -RELEASE and patch security fixes, and > there is a cvs tag for this, called RELENG_4_x. > This is where a little confusion comes in, because > after a while they quit patching the older releases. So on production systems track RELENG_4_6 now, and when that stops being=20= updated, start tracking RELENG_4_7, and so on.... I can't see any=20 problems with that. That way you're tracking the security fixes and=20 critical patches, and then when you need to you're upgrading your entire=20= system in safe way. I think the advice to not track STABLE on production machines is good.=20= Sure, STABLE is mostly exactly that: STABLE. But there are always going=20= to be exceptions... The last thing you want is a machine that won't boot=20= after something went wrong and you have to pay $$$ to get access to the=20= datacentre and rescue the machine... Cheers Wincent To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message