From owner-freebsd-security  Mon May 20 11:57:37 2002
Delivered-To: freebsd-security@freebsd.org
Received: from sccrmhc03.attbi.com (sccrmhc03.attbi.com [204.127.202.63])
	by hub.freebsd.org (Postfix) with ESMTP
	id ECD8437B406; Mon, 20 May 2002 11:57:20 -0700 (PDT)
Received: from blossom.cjclark.org ([12.234.91.48]) by sccrmhc03.attbi.com
          (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP
          id <20020520185720.LMVG19355.sccrmhc03.attbi.com@blossom.cjclark.org>;
          Mon, 20 May 2002 18:57:20 +0000
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.6) id g4KIvFQ02050;
	Mon, 20 May 2002 11:57:15 -0700 (PDT)
	(envelope-from crist.clark@attbi.com)
X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f
Date: Mon, 20 May 2002 11:57:15 -0700
From: "Crist J. Clark" <crist.clark@attbi.com>
To: Wes Peters <wes@softweyr.com>
Cc: Maxim Sobolev <sobomax@FreeBSD.ORG>, dsyphers@uchicago.edu,
	developers@FreeBSD.ORG, security@FreeBSD.ORG, nectar@FreeBSD.ORG
Subject: Re: Is 4.3 security branch officially "out of commission"?
Message-ID: <20020520115715.E1468@blossom.cjclark.org>
Reply-To: "Crist J. Clark" <cjc@FreeBSD.ORG>
References: <3CE8C3E2.EBF4EC8F@FreeBSD.org> <200205201008.g4KA8uKl000787@midway.uchicago.edu> <3CE8D057.BEA07F0@FreeBSD.org> <3CE93084.7C6ADAFF@softweyr.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3CE93084.7C6ADAFF@softweyr.com>; from wes@softweyr.com on Mon, May 20, 2002 at 10:21:08AM -0700
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Mon, May 20, 2002 at 10:21:08AM -0700, Wes Peters wrote:
> Maxim Sobolev wrote:

[snip]

> > What is the official procedure when somebody not from the security
> > team want to maintain older releases? For example, as I said there is
> > significant push from the local community to merge recent security
> > fixes into older releases, so that it is likely that they could
> > provide to me with tested patches for older releases they are
> > interested in. May I merge them into 4.3 security branch without my
> > commit bit being suspended for inappropriate MFCs into security
> > branch?
> 
> Once you've obtained the permission of the security officer, you may
> commit any change to a _RELEASE tag.

ITYM, "you may commit any change to a RELENG_4_? branch." A *_RELEASE
tag should never ever, ever be touched.

But to repeat, you just need an,

  Approved by:	security-officer@

On any commits to a RELENG_?_? branch. (Not to confuse things, but re@
can also approve non-security changes that are deemed critical
bug-fixes to these branches.)
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message