From owner-freebsd-hackers Wed Dec 5 12:10:26 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from freebie.xs4all.nl (freebie.xs4all.nl [213.84.32.253]) by hub.freebsd.org (Postfix) with ESMTP id 59C6E37B417; Wed, 5 Dec 2001 12:10:22 -0800 (PST) Received: (from wkb@localhost) by freebie.xs4all.nl (8.11.6/8.11.6) id fB5KAKw05753; Wed, 5 Dec 2001 21:10:20 +0100 (CET) (envelope-from wkb) Date: Wed, 5 Dec 2001 21:10:20 +0100 From: Wilko Bulte To: Mike Barcroft Cc: Jim Durham , Jordan Hubbard , Jim Durham , freebsd-hackers@FreeBSD.ORG Subject: Re: Can TCP changes be put in RELENG_4? Message-ID: <20011205211020.A5732@freebie.xs4all.nl> References: <21984.1007486225@winston.freebsd.org> <200112042040.fB4Keb514245@pgh.nepinc.com> <20011205115102.E63148@espresso.q9media.com> <20011205175617.A4890@freebie.xs4all.nl> <20011205120849.F63148@espresso.q9media.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011205120849.F63148@espresso.q9media.com>; from mike@FreeBSD.ORG on Wed, Dec 05, 2001 at 12:08:49PM -0500 X-OS: FreeBSD 4.4-STABLE X-PGP: finger wilko@freebsd.org Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Dec 05, 2001 at 12:08:49PM -0500, Mike Barcroft wrote: > Wilko Bulte writes: > > On Wed, Dec 05, 2001 at 11:51:02AM -0500, Mike Barcroft wrote: > > > Jim Durham writes: > > > > Duh... right. OGS..(Old Guy Syndrome). I actually just did a cvsup to > > > > RELENG_4_4 and it didn't have the fixes. I guess I'll rephrase my > > > > question... "Can we have the patches in REGENG_4_4?". > > > > > > RELENG_4_4 is for security fixes only. Consider using -STABLE if you > > > require additional improvements. > > > > s/security/security and critical bug/ > > Did I miss a change in policy? The original announcement about > RELENG_4_3 said: > > : 2) INTRODUCTION OF THE RELENG_4_3 SECURITY BRANCH > : ---------------------------------------------- > : > : As of FreeBSD 4.3-RELEASE, the security officer will be providing > : support for a new CVS branch consisting of 4.3-RELEASE plus all > : released security patches from FreeBSD Security Advisories. This > : branch carries the CVS branch tag of ``RELENG_4_3'', and can be > : tracked using the usual source distribution methods such as cvsup > : using this branch tag. > : > : In contrast to 4.3-STABLE (``RELENG_4''), which carries security > : updates as well as general bugfixes and feature enhancements, the > : RELENG_4_3 release branch will carry ONLY security fixes: it is > : intended for users of FreeBSD who do not wish to track the full > : 4.3-STABLE branch but who wish to keep their system up-to-date with > : security fixes in a semi-automated manner (i.e. without applying > : patches by hand). > : > : This practise of using a release branch to hold security fixes is > : likely to be continued for future releases of FreeBSD. > > I was hoping to find more information in the Handbook, but we seem to > be missing a chapter about this. Say if a serious bug was found where a system could easily be made instable, without directly posing a security threat. I think one would then also fix this bug in RELENG_4_4 This following the reasoning that people track RELENG_4_4 for production systems that need the utmost stability. Of course this needs approval from the release engineer team. Crashing a system is the ultimate DoS, and DoS fixes would (I assume) find approval from the security-officer. Does this sound reasonable? I agree with you if you want to see this documented somehow. Wilko -- | / o / /_ _ email: wilko@FreeBSD.org |/|/ / / /( (_) Bulte Arnhem, The Netherlands To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message