From owner-freebsd-security@freebsd.org Sun Dec 10 16:50:09 2017 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0D6A0E907D3 for ; Sun, 10 Dec 2017 16:50:09 +0000 (UTC) (envelope-from franco@lastsummer.de) Received: from host64.shmhost.net (host64.shmhost.net [213.239.241.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C7FC076BA3 for ; Sun, 10 Dec 2017 16:50:08 +0000 (UTC) (envelope-from franco@lastsummer.de) Received: from francos-mbp.homeoffice.local (dslb-178-012-107-202.178.012.pools.vodafone-ip.de [178.12.107.202]) by host64.shmhost.net (Postfix) with ESMTPSA id 8F7A016DD9C; Sun, 10 Dec 2017 17:49:58 +0100 (CET) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: [FreeBSD-Announce] FreeBSD 11.0 end-of-life From: Franco Fichtner In-Reply-To: <23084.52304.918811.943377@hergotha.csail.mit.edu> Date: Sun, 10 Dec 2017 17:49:57 +0100 Cc: freebsd-security Content-Transfer-Encoding: quoted-printable Message-Id: <87D630E8-E068-4F9A-873B-5EEBCA1C80B8@lastsummer.de> References: <20171208192538.C5C4D1C234@freefall.freebsd.org> <23084.52304.918811.943377@hergotha.csail.mit.edu> To: Garrett Wollman X-Mailer: Apple Mail (2.3273) X-Virus-Scanned: clamav-milter 0.99.2 at host64.shmhost.net X-Virus-Status: Clean X-Spam-Flag: NO X-Spam-Score: -1.0 X-Spam-Status: No score=-1.0 tagged_above=10.0 required=10.0 tests=[ALL_TRUSTED] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 16:50:09 -0000 Hi Garrett, > On 10. Dec 2017, at 6:55 AM, Garrett Wollman = wrote: >=20 > < said: >=20 >> Hi, >>> On 8. Dec 2017, at 8:25 PM, FreeBSD Security Officer = wrote: >>>=20 >>> = +--------------------------------------------------+----------------------= -+ >>> |releng/11.1|11.1-RELEASE|n/a |July 26, 2017 |11.2-RELEASE + 3 = months| >>> = +--------------------------------------------------+----------------------= -+ >=20 >> Is there *any* indication when X + 3 is going to be? Because as a = downstream >> vendor X + 3 months usually translates to X, because there is no time = to prepare >> for any of this, especially when swift adoption is enforced by = upstream, e.g. >> by deprecated packages, quarterly branch and locking users out of the = ports tree. >=20 > Yeah, that's been one of my concerns all along with this new > deprecation schedule. It takes me about a month to qualify a new > release, and we have only two windows a year when I can actually > deploy it (after testing) -- from 12/26 to 12/30, and from the Monday > after the first Saturday in June until the Friday before the first > Monday in September.[1] Release schedules in recent years have been > pretty pessimal for me as it is. I'll be rolling out 11.1 later this > month, but if 11.2 were to happen in March I'd be SOL before I could > even think about upgrading. That's likely. The issue description was refined on IRC a bit and = basically goes like this: If we have to plan upgrades of production systems running FreeBSD 11.1 = now for all of 2018 WRT 11.2 and not missing the EoL deadline -- how would = we plan for it? We can't, because there is no indication when that is = going to be in the first place. There are two solutions: 1. Support 11.(x-1) along with 11.x and keep the unpredictable schedule. 2. Set a predictable schedule as soon as 11.x comes out for when = 11.(x+1) is planned, even if that deadline is not met in the end. I slightly favour the first solution, but it is clear that it will mean = work for an SO. There is probably a third and fourth action and I would like to see the bright and steering FreeBSD project members to take a constructive = interest in this matter and not let it go uncommented. Cheers, Franco=